aboutsummaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2014-09-16 12:29:03 -0400
committerDavid Howells <dhowells@redhat.com>2014-09-16 12:29:03 -0400
commitcecf5d2e1208da512a4c951c24acd66c54a4d06c (patch)
tree098624f09f316276da0d4f26d006b8d6ff4b41c0 /crypto
parent3cd0920cde6a726b9965b60184f9d5a54358304d (diff)
PKCS#7: Fix the parser cleanup to drain parsed out X.509 certs
Fix the parser cleanup code to drain parsed out X.509 certs in the case that the decode fails and we jump to error_decode. The function is rearranged so that the same cleanup code is used in the success case as the error case - just that the message descriptor under construction is only released if it is still pointed to by the context struct at that point. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com>
Diffstat (limited to 'crypto')
-rw-r--r--crypto/asymmetric_keys/pkcs7_parser.c39
1 files changed, 19 insertions, 20 deletions
diff --git a/crypto/asymmetric_keys/pkcs7_parser.c b/crypto/asymmetric_keys/pkcs7_parser.c
index 4c4ea35c338b..1e9861da7ee4 100644
--- a/crypto/asymmetric_keys/pkcs7_parser.c
+++ b/crypto/asymmetric_keys/pkcs7_parser.c
@@ -81,47 +81,46 @@ EXPORT_SYMBOL_GPL(pkcs7_free_message);
81struct pkcs7_message *pkcs7_parse_message(const void *data, size_t datalen) 81struct pkcs7_message *pkcs7_parse_message(const void *data, size_t datalen)
82{ 82{
83 struct pkcs7_parse_context *ctx; 83 struct pkcs7_parse_context *ctx;
84 struct pkcs7_message *msg; 84 struct pkcs7_message *msg = ERR_PTR(-ENOMEM);
85 long ret; 85 int ret;
86 86
87 ret = -ENOMEM;
88 msg = kzalloc(sizeof(struct pkcs7_message), GFP_KERNEL);
89 if (!msg)
90 goto error_no_sig;
91 ctx = kzalloc(sizeof(struct pkcs7_parse_context), GFP_KERNEL); 87 ctx = kzalloc(sizeof(struct pkcs7_parse_context), GFP_KERNEL);
92 if (!ctx) 88 if (!ctx)
93 goto error_no_ctx; 89 goto out_no_ctx;
90 ctx->msg = kzalloc(sizeof(struct pkcs7_message), GFP_KERNEL);
91 if (!ctx->msg)
92 goto out_no_msg;
94 ctx->sinfo = kzalloc(sizeof(struct pkcs7_signed_info), GFP_KERNEL); 93 ctx->sinfo = kzalloc(sizeof(struct pkcs7_signed_info), GFP_KERNEL);
95 if (!ctx->sinfo) 94 if (!ctx->sinfo)
96 goto error_no_sinfo; 95 goto out_no_sinfo;
97 96
98 ctx->msg = msg;
99 ctx->data = (unsigned long)data; 97 ctx->data = (unsigned long)data;
100 ctx->ppcerts = &ctx->certs; 98 ctx->ppcerts = &ctx->certs;
101 ctx->ppsinfo = &ctx->msg->signed_infos; 99 ctx->ppsinfo = &ctx->msg->signed_infos;
102 100
103 /* Attempt to decode the signature */ 101 /* Attempt to decode the signature */
104 ret = asn1_ber_decoder(&pkcs7_decoder, ctx, data, datalen); 102 ret = asn1_ber_decoder(&pkcs7_decoder, ctx, data, datalen);
105 if (ret < 0) 103 if (ret < 0) {
106 goto error_decode; 104 msg = ERR_PTR(ret);
105 goto out;
106 }
107
108 msg = ctx->msg;
109 ctx->msg = NULL;
107 110
111out:
108 while (ctx->certs) { 112 while (ctx->certs) {
109 struct x509_certificate *cert = ctx->certs; 113 struct x509_certificate *cert = ctx->certs;
110 ctx->certs = cert->next; 114 ctx->certs = cert->next;
111 x509_free_certificate(cert); 115 x509_free_certificate(cert);
112 } 116 }
113 pkcs7_free_signed_info(ctx->sinfo); 117 pkcs7_free_signed_info(ctx->sinfo);
118out_no_sinfo:
119 pkcs7_free_message(ctx->msg);
120out_no_msg:
114 kfree(ctx); 121 kfree(ctx);
122out_no_ctx:
115 return msg; 123 return msg;
116
117error_decode:
118 pkcs7_free_signed_info(ctx->sinfo);
119error_no_sinfo:
120 kfree(ctx);
121error_no_ctx:
122 pkcs7_free_message(msg);
123error_no_sig:
124 return ERR_PTR(ret);
125} 124}
126EXPORT_SYMBOL_GPL(pkcs7_parse_message); 125EXPORT_SYMBOL_GPL(pkcs7_parse_message);
127 126