From 1cdb7da2adef29f8f90b78e0500e1db59ba76021 Mon Sep 17 00:00:00 2001
From: Ondrej Kozina <okozina@redhat.com>
Date: Thu, 5 May 2022 11:39:01 +0200
Subject: [PATCH] Fix mem leaks on error path in reenc_keyslot_alloc.

---
 lib/luks2/luks2_keyslot_reenc.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/lib/luks2/luks2_keyslot_reenc.c b/lib/luks2/luks2_keyslot_reenc.c
index 34b49307..d189e02d 100644
--- a/lib/luks2/luks2_keyslot_reenc.c
+++ b/lib/luks2/luks2_keyslot_reenc.c
@@ -42,6 +42,9 @@ int reenc_keyslot_alloc(struct crypt_device *cd,
 
 	log_dbg(cd, "Allocating reencrypt keyslot %d.", keyslot);
 
+	if (!params || params->direction > CRYPT_REENCRYPT_BACKWARD)
+		return -EINVAL;
+
 	if (keyslot < 0 || keyslot >= LUKS2_KEYSLOTS_MAX)
 		return -ENOMEM;
 
@@ -64,6 +67,11 @@ int reenc_keyslot_alloc(struct crypt_device *cd,
 		return -ENOMEM;
 
 	jobj_area = json_object_new_object();
+	if (!jobj_area) {
+		json_object_put(jobj_keyslot);
+		return -ENOMEM;
+	}
+	json_object_object_add(jobj_keyslot, "area", jobj_area);
 
 	if (params->data_shift) {
 		json_object_object_add(jobj_area, "type", json_object_new_string("datashift"));
@@ -80,12 +88,8 @@ int reenc_keyslot_alloc(struct crypt_device *cd,
 	json_object_object_add(jobj_keyslot, "mode", json_object_new_string(crypt_reencrypt_mode_to_str(params->mode)));
 	if (params->direction == CRYPT_REENCRYPT_FORWARD)
 		json_object_object_add(jobj_keyslot, "direction", json_object_new_string("forward"));
-	else if (params->direction == CRYPT_REENCRYPT_BACKWARD)
-		json_object_object_add(jobj_keyslot, "direction", json_object_new_string("backward"));
 	else
-		return -EINVAL;
-
-	json_object_object_add(jobj_keyslot, "area", jobj_area);
+		json_object_object_add(jobj_keyslot, "direction", json_object_new_string("backward"));
 
 	json_object_object_add_by_uint(jobj_keyslots, keyslot, jobj_keyslot);
 	if (LUKS2_check_json_size(cd, hdr)) {