summaryrefslogtreecommitdiffstats
path: root/security/keys/request_key_auth.c
diff options
context:
space:
mode:
authorEric Biggers <ebiggers@google.com>2017-09-21 22:57:41 +0200
committerDavid Howells <dhowells@redhat.com>2017-09-25 16:19:56 +0200
commitf7b48cf08fa63a68b59c2894806ee478216d7f91 (patch)
tree49f1c5c64627568698ea5313c40ad193d84db664 /security/keys/request_key_auth.c
parentKEYS: fix cred refcount leak in request_key_auth_new() (diff)
downloadlinux-f7b48cf08fa63a68b59c2894806ee478216d7f91.tar.xz
linux-f7b48cf08fa63a68b59c2894806ee478216d7f91.zip
KEYS: don't revoke uninstantiated key in request_key_auth_new()
If key_instantiate_and_link() were to fail (which fortunately isn't possible currently), the call to key_revoke(authkey) would crash with a NULL pointer dereference in request_key_auth_revoke() because the key has not yet been instantiated. Fix this by removing the call to key_revoke(). key_put() is sufficient, as it's not possible for an uninstantiated authkey to have been used for anything yet. Fixes: b5f545c880a2 ("[PATCH] keys: Permit running process to instantiate keys") Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'security/keys/request_key_auth.c')
-rw-r--r--security/keys/request_key_auth.c1
1 files changed, 0 insertions, 1 deletions
diff --git a/security/keys/request_key_auth.c b/security/keys/request_key_auth.c
index 69d6b3b35470..e356075ed2f8 100644
--- a/security/keys/request_key_auth.c
+++ b/security/keys/request_key_auth.c
@@ -220,7 +220,6 @@ struct key *request_key_auth_new(struct key *target, const void *callout_info,
return authkey;
error_put_authkey:
- key_revoke(authkey);
key_put(authkey);
error_free_rka:
free_request_key_auth(rka);