From patchwork Mon Sep 18 08:38:50 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tianjia Zhang X-Patchwork-Id: 141310 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:612c:172:b0:3f2:4152:657d with SMTP id h50csp2513603vqi; Mon, 18 Sep 2023 01:50:35 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHNCUhSCaGqjbNACqzttHTaEgbHqgyJNdB85usVNGgQ6CPDcRJlm43CkQpOhe6ngTinTHeK X-Received: by 2002:aa7:88c3:0:b0:690:4362:7012 with SMTP id k3-20020aa788c3000000b0069043627012mr8075216pff.28.1695027035075; Mon, 18 Sep 2023 01:50:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695027035; cv=none; d=google.com; s=arc-20160816; b=otY1BPrxMnE1MyNRdUzdrn7vLKWnE8un9g0StoCfSI5F4l9UwtdxbEO49grs3/XpJJ 8DLtvB4+Khl08qNKyBd0NUS9B84IjwtuDyi9aKcNdmV5wzjpdkhv9SEIVrlreiMxik1O quE0jljpW7ya6hI7AuyOWW1tK7NOiOMvWEu4dKW3fXhwIE4CeFqRAGQlxJiYlobYNxcn L26YR2MOB3dHvez457lzgHvIjJ54jnwAs7qHtLJEJloEsywQ+ar7YjWetBaCJT2xdc1I bIs80KV5Evg+FNym0szu0Z3f6XphkMFKtySLDtkihQuTSefuE7+iHxptTVmX9vMWQjrf vJOw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=OnIZxyPhx+Q9IMy+ffILYTD7o0NuA0ZbSu2HfEBe/ME=; fh=sDRasRhGWwQ13l32RXL4NlzsmlGGoxnRPSVoH6RXISQ=; b=LlesBjejQBp0OOjtnAUKXewrMBDPIMfkWqBFniHmmP6+4uqAvmiuhphf+oDHh7+bKc 2systKGoaFHTlPm9lNY7hzqE8tm3MOxGvqDXSgP5NG3SNeUYie0OdNg+keKo7UbjirlM ZQsbS9mDLwMmwAtkaEi/bbCHy85VE6KfdQJRGk4gqXy07jxLvnYbMz0jtJ4b7gHthnU9 6IDKU5Wx86KoWdX4JmWJBkBQoFBNRAG+JqGRIhKSQh7YSE+yYv3fkUiILGgmTUn4RpSS LoQTFq4ZtZRjNXb3BabJOpSQ856GmOsHkKLR093SBYeuJPX7pj4VF0gkbTBhwfaqL73u y1bQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Received: from howler.vger.email (howler.vger.email. [2620:137:e000::3:4]) by mx.google.com with ESMTPS id bx33-20020a056a02052100b005778dc6a841si8471099pgb.178.2023.09.18.01.50.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 Sep 2023 01:50:35 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) client-ip=2620:137:e000::3:4; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by howler.vger.email (Postfix) with ESMTP id 6A766834103C; Mon, 18 Sep 2023 01:39:46 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at howler.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240569AbjIRIjN (ORCPT + 27 others); Mon, 18 Sep 2023 04:39:13 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40072 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240816AbjIRIjF (ORCPT ); Mon, 18 Sep 2023 04:39:05 -0400 Received: from out30-132.freemail.mail.aliyun.com (out30-132.freemail.mail.aliyun.com [115.124.30.132]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E3F36AA; Mon, 18 Sep 2023 01:38:58 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R111e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018045192;MF=tianjia.zhang@linux.alibaba.com;NM=1;PH=DS;RN=5;SR=0;TI=SMTPD_---0VsJFDGY_1695026333; Received: from localhost(mailfrom:tianjia.zhang@linux.alibaba.com fp:SMTPD_---0VsJFDGY_1695026333) by smtp.aliyun-inc.com; Mon, 18 Sep 2023 16:38:55 +0800 From: Tianjia Zhang To: Herbert Xu , "David S. Miller" , linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org Cc: Tianjia Zhang Subject: [PATCH] crypto: sm2 - Fix crash caused by uninitialized context Date: Mon, 18 Sep 2023 16:38:50 +0800 Message-Id: <20230918083850.84562-1-tianjia.zhang@linux.alibaba.com> X-Mailer: git-send-email 2.24.3 (Apple Git-128) MIME-Version: 1.0 X-Spam-Status: No, score=-9.9 required=5.0 tests=BAYES_00, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS, UNPARSEABLE_RELAY,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]); Mon, 18 Sep 2023 01:39:46 -0700 (PDT) X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1777364668299999150 X-GMAIL-MSGID: 1777364668299999150 In sm2_compute_z_digest() function, the newly allocated structure mpi_ec_ctx is used, but forget to initialize it, which will cause a crash when performing subsequent operations. Fixes: e5221fa6a355 ("KEYS: asymmetric: Move sm2 code into x509_public_key") Cc: stable@vger.kernel.org # v6.5 Signed-off-by: Tianjia Zhang --- crypto/sm2.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/crypto/sm2.c b/crypto/sm2.c index 285b3cb7c0bc..5ab120d74c59 100644 --- a/crypto/sm2.c +++ b/crypto/sm2.c @@ -278,10 +278,14 @@ int sm2_compute_z_digest(struct shash_desc *desc, if (!ec) return -ENOMEM; - err = __sm2_set_pub_key(ec, key, keylen); + err = sm2_ec_ctx_init(ec); if (err) goto out_free_ec; + err = __sm2_set_pub_key(ec, key, keylen); + if (err) + goto out_deinit_ec; + bits_len = SM2_DEFAULT_USERID_LEN * 8; entl[0] = bits_len >> 8; entl[1] = bits_len & 0xff;