libceph: fix crypto key null deref, memory leak

Avoid crashing if the crypto key payload was NULL, as when it was not correctly allocated and initialized. Also, avoid leaking it. Signed-off-by: N Sylvain Munaut <tnt@246tNt.com> Signed-off-by: N Sage Weil <sage@inktank.com> Reviewed-by: N Alex Elder <elder@inktank.com>

libceph: fix crypto key null deref, memory leak
Avoid crashing if the crypto key payload was NULL, as when it was not correctly allocated and initialized. Also, avoid leaking it. Signed-off-by: N Sylvain Munaut <tnt@246tNt.com> Signed-off-by: N Sage Weil <sage@inktank.com> Reviewed-by: N Alex Elder <elder@inktank.com>
f0666b1a · Sylvain Munaut · Sage Weil · 5ef50c3b · f0666b1a · f0666b1a
隐藏空白更改
内联并排

Showing with 3 addition and 1 deletion

net/ceph/crypto.c net/ceph/crypto.c +1 -0

net/ceph/crypto.h net/ceph/crypto.h +2 -1

未找到文件。
--- a/net/ceph/crypto.c
+++ b/net/ceph/crypto.c
@@ -466,6 +466,7 @@ void ceph_key_destroy(struct key *key) {
 	struct ceph_crypto_key *ckey = key->payload.data;

 	ceph_crypto_key_destroy(ckey);
+	kfree(ckey);
 }

 struct key_type key_type_ceph = {

--- a/net/ceph/crypto.h
+++ b/net/ceph/crypto.h
@@ -16,7 +16,8 @@ struct ceph_crypto_key {

 static inline void ceph_crypto_key_destroy(struct ceph_crypto_key *key)
 {
-	kfree(key->key);
+	if (key)
+		kfree(key->key);
 }

 extern int ceph_crypto_key_clone(struct ceph_crypto_key *dst,