Don't leak a session and lock if a GMAC key has an invalid length.
Reviewed by: delphij (secteam) MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D10273
This commit is contained in:
parent
a96da1c3fb
commit
2e2e26d14e
@ -930,8 +930,11 @@ swcr_newsession(device_t dev, u_int32_t *sid, struct cryptoini *cri)
|
||||
axf = &auth_hash_nist_gmac_aes_256;
|
||||
auth4common:
|
||||
len = cri->cri_klen / 8;
|
||||
if (len != 16 && len != 24 && len != 32)
|
||||
if (len != 16 && len != 24 && len != 32) {
|
||||
swcr_freesession_locked(dev, i);
|
||||
rw_runlock(&swcr_sessions_lock);
|
||||
return EINVAL;
|
||||
}
|
||||
|
||||
(*swd)->sw_ictx = malloc(axf->ctxsize, M_CRYPTO_DATA,
|
||||
M_NOWAIT);
|
||||
|
Loading…
Reference in New Issue
Block a user