crypto: afalg: fix a NULL pointer dereference

Test-crypto-hash calls qcrypto_hash_bytesv/digest/base64 with errp=NULL, this will cause a NULL pointer dereference if afalg_driver doesn't support requested algos: ret = qcrypto_hash_afalg_driver.hash_bytesv(alg, iov, niov, result, resultlen, errp); if (ret == 0) { return ret; } error_free(*errp); // <--- here Because the error message is thrown away immediately, we should just pass NULL to hash_bytesv(). There is also the same problem in afalg-backend cipher & hmac, let's fix them together. Reviewed-by: Eric Blake <eblake@redhat.com> Reported-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Longpeng <longpeng2@huawei.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2025-08-06 01:03:55 -06:00 · 2017-11-07 19:32:06 +08:00 · 2017-11-07 19:32:06 +08:00 · f1710638ed
commit f1710638ed
parent b417a7624c
3 changed files with 8 additions and 16 deletions
--- a/crypto/hash.c
+++ b/crypto/hash.c
@ -48,19 +48,16 @@ int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg,
 {
 #ifdef CONFIG_AF_ALG
    int ret;
-
-    ret = qcrypto_hash_afalg_driver.hash_bytesv(alg, iov, niov,
-                                                result, resultlen,
-                                                errp);
-    if (ret == 0) {
-        return ret;
-    }
-
    /*
     * TODO:
     * Maybe we should treat some afalg errors as fatal
     */
-    error_free(*errp);
+    ret = qcrypto_hash_afalg_driver.hash_bytesv(alg, iov, niov,
+                                                result, resultlen,
+                                                NULL);
+    if (ret == 0) {
+        return ret;
+    }
 #endif

    return qcrypto_hash_lib_driver.hash_bytesv(alg, iov, niov,