eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-05 16:00:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix memory leak in kernel keyring keyslot context.

Browse Source 
The leak occured only when the context instance was
used more than once.
This commit is contained in:
Ondrej Kozina
2023-11-03 16:12:35 +01:00
committed by Milan Broz
parent abf7e3e359
commit d09b27a170
2 changed files with 5 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
lib/keyslot_context.c
View File

@@ -411,6 +411,8 @@ static int get_key_by_vk_in_keyring(struct crypt_device *cd,
int segment __attribute__((unused)), int segment __attribute__((unused)),
struct volume_key **r_vk) struct volume_key **r_vk)
{ {
char *key;
size_t key_size;
int r; int r;
assert(cd); assert(cd);
@@ -418,14 +420,15 @@ static int get_key_by_vk_in_keyring(struct crypt_device *cd,
assert(r_vk); assert(r_vk);
r = crypt_keyring_get_key_by_name(cd, kc->u.vk_kr.key_description, r = crypt_keyring_get_key_by_name(cd, kc->u.vk_kr.key_description,
&kc->i_volume_key, &kc->i_volume_key_size); &key, &key_size);
if (r < 0) { if (r < 0) {
log_err(cd, _("Failed to read volume key candidate from keyring.")); log_err(cd, _("Failed to read volume key candidate from keyring."));
kc->error = -EINVAL; kc->error = -EINVAL;
return -EINVAL; return -EINVAL;
} }
*r_vk = crypt_alloc_volume_key(kc->i_volume_key_size, kc->i_volume_key); *r_vk = crypt_alloc_volume_key(key_size, key);
crypt_safe_free(key);
if (!*r_vk) { if (!*r_vk) {
kc->error = -ENOMEM; kc->error = -ENOMEM;
return kc->error; return kc->error;
@@ -449,8 +452,6 @@ static void unlock_method_init_internal(struct crypt_keyslot_context *kc)
kc->error = 0; kc->error = 0;
kc->i_passphrase = NULL; kc->i_passphrase = NULL;
kc->i_passphrase_size = 0; kc->i_passphrase_size = 0;
kc->i_volume_key = NULL;
kc->i_volume_key_size = 0;
} }
void crypt_keyslot_unlock_by_keyring_internal(struct crypt_keyslot_context *kc, void crypt_keyslot_unlock_by_keyring_internal(struct crypt_keyslot_context *kc,
@@ -619,9 +620,6 @@ void crypt_keyslot_context_destroy_internal(struct crypt_keyslot_context *kc)
crypt_safe_free(kc->i_passphrase); crypt_safe_free(kc->i_passphrase);
kc->i_passphrase = NULL; kc->i_passphrase = NULL;
kc->i_passphrase_size = 0; kc->i_passphrase_size = 0;
crypt_safe_free(kc->i_volume_key);
kc->i_volume_key = NULL;
kc->i_volume_key_size = 0;
} }
void crypt_keyslot_context_free(struct crypt_keyslot_context *kc) void crypt_keyslot_context_free(struct crypt_keyslot_context *kc)

2
lib/keyslot_context.h
View File

@@ -100,8 +100,6 @@ struct crypt_keyslot_context {
char *i_passphrase; char *i_passphrase;
size_t i_passphrase_size; size_t i_passphrase_size;
char *i_volume_key;
size_t i_volume_key_size;
keyslot_context_get_key get_luks2_key; keyslot_context_get_key get_luks2_key;
keyslot_context_get_volume_key get_luks1_volume_key; keyslot_context_get_volume_key get_luks1_volume_key;