From patchwork Fri Apr 30 18:58:10 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Rix X-Patchwork-Id: 12234101 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-19.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9E180C433B4 for ; Fri, 30 Apr 2021 18:58:20 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 4CAE56145D for ; Fri, 30 Apr 2021 18:58:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231136AbhD3S7H (ORCPT ); Fri, 30 Apr 2021 14:59:07 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]:41494 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229954AbhD3S7G (ORCPT ); Fri, 30 Apr 2021 14:59:06 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1619809097; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=k42L3xryaez+oSKmSu1QdAMryLEAIpMx64ypVwr/urA=; b=HSCfNmcC5FNNo0sClUmd7Qv56qS+P6IBK7c2S84PLUFA2CtCYPAVlNIlBQe/TYGH6KRh+3 A5TpflRhccUa2yx20sbmKW1p56t9ewBTFZdVjOWoCRhNNHhCyRAkK1EC4XEfy38ZZbiQ6J CiqdsDsoNnHH7fxHVqbBQV3FYoZNhTQ= Received: from mail-qt1-f200.google.com (mail-qt1-f200.google.com [209.85.160.200]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-356-nfWcONYzPjynnYkldjApbQ-1; Fri, 30 Apr 2021 14:58:15 -0400 X-MC-Unique: nfWcONYzPjynnYkldjApbQ-1 Received: by mail-qt1-f200.google.com with SMTP id h12-20020ac8744c0000b02901ba644d864fso19652182qtr.8 for ; Fri, 30 Apr 2021 11:58:15 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=k42L3xryaez+oSKmSu1QdAMryLEAIpMx64ypVwr/urA=; b=tHSjjClO2XQZCTa+JNp8AZ5RnAKvsryvMfEkhWGqhQZVHDsg6XYUud7tOv2KLCpP36 0Wk1nu+G+Wy/B6okt8tkDb/zcRRtdYjVVGoW3mrQj88+SgEoF+x82oMRbWRqIOWqGBSs dgLtm2WgBby51IZD9Q2vOrcFzGajme+5+DB37uQyUs6nS6kZrr6ECvXTS2MccS4FjwCR LJKbN4NA8vVSp1gs5vfTOhAV2QcClHYvIJUQoTWluZuA9JRLNzasrx5+2xK/Se0uJOZE CSZ4VdpLqyPmr0Ienol0oTl8lTTLf0K4E3b63ebGR5UkjAtPpRO+I+gA26vwaeqWdi6V oE4Q== X-Gm-Message-State: AOAM531PkckS4bS+OoKM4+/dfgMwR5+D3cLkJeAAzO6QdYGOm/4vLKo8 g2y3nbV0W7MujjhuQOoIZbLMSy7a3TCm5em/NpiEjuGjuXw/zQH+JIntkLPYtJwpg6E8CYoA1YE cKOAl6Lagmo+ipE6uXDA= X-Received: by 2002:ae9:f205:: with SMTP id m5mr6950980qkg.101.1619809095101; Fri, 30 Apr 2021 11:58:15 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyR2o64jnSyLn3IiYpCSQfqm0Tweb+Lrh1Ejl4G4c7Bimvr+FTabvOuLg5CiYAx+Ty5nMnEEg== X-Received: by 2002:ae9:f205:: with SMTP id m5mr6950963qkg.101.1619809094911; Fri, 30 Apr 2021 11:58:14 -0700 (PDT) Received: from localhost.localdomain.com (075-142-250-213.res.spectrum.com. [75.142.250.213]) by smtp.gmail.com with ESMTPSA id b17sm2802557qto.88.2021.04.30.11.58.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 30 Apr 2021 11:58:14 -0700 (PDT) From: trix@redhat.com To: jejb@linux.ibm.com, jarkko@kernel.org, zohar@linux.ibm.com, dhowells@redhat.com, jmorris@namei.org, serge@hallyn.com Cc: linux-integrity@vger.kernel.org, keyrings@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Rix Subject: [PATCH] KEYS: trusted: fix memory leak Date: Fri, 30 Apr 2021 11:58:10 -0700 Message-Id: <20210430185810.3331311-1-trix@redhat.com> X-Mailer: git-send-email 2.26.3 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: keyrings@vger.kernel.org From: Tom Rix Static analysis reports this problem trusted-keys/trusted_tpm1.c:496:10: warning: Potential memory leak return ret; ^~~ In tpm_seal() some failure handling returns directly, without freeing memory. Fixes: 5df16caada3f ("KEYS: trusted: Fix incorrect handling of tpm_get_random()") Signed-off-by: Tom Rix --- security/keys/trusted-keys/trusted_tpm1.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/security/keys/trusted-keys/trusted_tpm1.c b/security/keys/trusted-keys/trusted_tpm1.c index 469394550801..aa108bea6739 100644 --- a/security/keys/trusted-keys/trusted_tpm1.c +++ b/security/keys/trusted-keys/trusted_tpm1.c @@ -493,10 +493,12 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, ret = tpm_get_random(chip, td->nonceodd, TPM_NONCE_SIZE); if (ret < 0) - return ret; + goto out; - if (ret != TPM_NONCE_SIZE) - return -EIO; + if (ret != TPM_NONCE_SIZE) { + ret = -EIO; + goto out; + } ordinal = htonl(TPM_ORD_SEAL); datsize = htonl(datalen);