mirror_zfs/module/icp
Richard Yao 566e908fa0 Fix bad free in skein code
Clang's static analyzer found a bad free caused by skein_mac_atomic().
It will allocate a context on the stack and then pass it to
skein_final(), which attempts to free it. Upon inspection,
skein_digest_atomic() also has the same problem.

These functions were created to match the OpenSolaris ICP API, so I was
curious how we avoided this in other providers and looked at the SHA2
code. It appears that SHA2 has a SHA2Final() helper function that is
called by the exported sha2_mac_final()/sha2_digest_final() as well as
the sha2_mac_atomic() and sha2_digest_atomic() functions. The real work
is done in SHA2Final() while some checks and the free are done in
sha2_mac_final()/sha2_digest_final().

We fix the use after free in the skein code by taking inspiration from
the SHA2 code. We introduce a skein_final_nofree() that does most of the
work, and make skein_final() into a function that calls it and then
frees the memory.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Tony Hutter <hutter2@llnl.gov>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes #13954
2022-09-28 17:25:10 -07:00
..
algs Fix -Wattribute-warning in edonr 2022-07-27 13:38:56 -07:00
api Remove checks for null out value in encryption paths 2020-03-26 10:41:57 -07:00
asm-x86_64 Fix objtool: missing int3 after ret warning 2022-07-27 13:38:56 -07:00
core Use fallthrough macro 2021-11-02 09:50:30 -07:00
include Fix objtool: missing int3 after ret warning 2022-07-27 13:38:56 -07:00
io Fix bad free in skein code 2022-09-28 17:25:10 -07:00
os Replace sprintf()->snprintf() and strcpy()->strlcpy() 2020-06-07 11:42:12 -07:00
spi Fix strdup conflict on other platforms 2019-10-10 09:47:06 -07:00
illumos-crypto.c Remove sha1 hashing from OpenZFS, it's not used anywhere. 2022-07-26 10:12:44 -07:00
Makefile.in Remove sha1 hashing from OpenZFS, it's not used anywhere. 2022-07-26 10:12:44 -07:00