crypto: api - check for ERR pointers in crypto_destroy_tfm()

Given that crypto_alloc_tfm() may return ERR pointers, and to avoid crashes on obscure error paths where such pointers are presented to crypto_destroy_tfm() (such as [0]), add an ERR_PTR check there before dereferencing the second argument as a struct crypto_tfm pointer. [0] https://lore.kernel.org/linux-crypto/000000000000de949705bc59e0f6@google.com/ Reported-by: syzbot+12cf5fbfdeba210a89dd@syzkaller.appspotmail.com Reviewed-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2025-06-17 20:25:19 +00:00 · 2021-03-02 21:33:03 +01:00 · 2021-03-02 21:33:03 +01:00 · 83681f2beb
commit 83681f2beb
parent 98b5ef3e97
8 changed files with 17 additions and 1 deletions
--- a/include/crypto/aead.h
+++ b/include/crypto/aead.h
@ -185,6 +185,8 @@ static inline struct crypto_tfm *crypto_aead_tfm(struct crypto_aead *tfm)
 /**
 * crypto_free_aead() - zeroize and free aead handle
 * @tfm: cipher handle to be freed
+ *
+ * If @tfm is a NULL or error pointer, this function does nothing.
 */
 static inline void crypto_free_aead(struct crypto_aead *tfm)
 {