mirror of
https://git.proxmox.com/git/mirror_zfs.git
synced 2024-12-25 18:59:33 +03:00
Fix possible NULL pointer dereference in sha2_mac_init()
If mechanism->cm_param is NULL, passing mechanism to PROV_SHA2_GET_DIGEST_LEN() will dereference a NULL pointer. Coverity reported this. Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu> Closes #14044
This commit is contained in:
parent
c6b161e390
commit
6ae2f90888
@ -737,13 +737,16 @@ sha2_mac_init(crypto_ctx_t *ctx, crypto_mechanism_t *mechanism,
|
|||||||
*/
|
*/
|
||||||
if (mechanism->cm_type % 3 == 2) {
|
if (mechanism->cm_type % 3 == 2) {
|
||||||
if (mechanism->cm_param == NULL ||
|
if (mechanism->cm_param == NULL ||
|
||||||
mechanism->cm_param_len != sizeof (ulong_t))
|
mechanism->cm_param_len != sizeof (ulong_t)) {
|
||||||
ret = CRYPTO_MECHANISM_PARAM_INVALID;
|
ret = CRYPTO_MECHANISM_PARAM_INVALID;
|
||||||
|
} else {
|
||||||
PROV_SHA2_GET_DIGEST_LEN(mechanism,
|
PROV_SHA2_GET_DIGEST_LEN(mechanism,
|
||||||
PROV_SHA2_HMAC_CTX(ctx)->hc_digest_len);
|
PROV_SHA2_HMAC_CTX(ctx)->hc_digest_len);
|
||||||
if (PROV_SHA2_HMAC_CTX(ctx)->hc_digest_len > sha_digest_len)
|
if (PROV_SHA2_HMAC_CTX(ctx)->hc_digest_len >
|
||||||
|
sha_digest_len)
|
||||||
ret = CRYPTO_MECHANISM_PARAM_INVALID;
|
ret = CRYPTO_MECHANISM_PARAM_INVALID;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (ret != CRYPTO_SUCCESS) {
|
if (ret != CRYPTO_SUCCESS) {
|
||||||
memset(ctx->cc_provider_private, 0, sizeof (sha2_hmac_ctx_t));
|
memset(ctx->cc_provider_private, 0, sizeof (sha2_hmac_ctx_t));
|
||||||
|
Loading…
Reference in New Issue
Block a user