Hi,
On Thu, 4 Mar 2021 at 04:23, Pavel Skripkin wrote:
...
> >
> > I think this need to be:
> >
> > if (!IS_ERR_OR_NULL(key->tfm[i]))
> >
> > otherwise we still run into issues for the current iterator when
> > key->tfm[i] is in range of IS_ERR().
>
> Oh... I got it completly wrong, I'm sorry. If
Hi, thanks for your reply!
On Wed, 2021-03-03 at 21:40 -0500, Alexander Aring wrote:
> Hi,
>
> On Wed, 3 Mar 2021 at 11:28, Pavel Skripkin
> wrote:
> > syzbot found general protection fault in crypto_destroy_tfm()[1].
> > It was caused by wrong clean up loop in llsec_key_alloc().
> > If one of t
Hi,
On Wed, 3 Mar 2021 at 11:28, Pavel Skripkin wrote:
>
> syzbot found general protection fault in crypto_destroy_tfm()[1].
> It was caused by wrong clean up loop in llsec_key_alloc().
> If one of the tfm array members won't be initialized it will cause
> NULL dereference in crypto_destroy_tfm()
syzbot found general protection fault in crypto_destroy_tfm()[1].
It was caused by wrong clean up loop in llsec_key_alloc().
If one of the tfm array members won't be initialized it will cause
NULL dereference in crypto_destroy_tfm().
Call Trace:
crypto_free_aead include/crypto/aead.h:191 [inline]
