tls: rx: react to strparser initialization errors

Sabrina Dubroca · Sabrina Dubroca · commit dbe0e1864912 · 2022-12-02T08:54:45.000+01:00
Tested: selftests Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2143700 commit 849f16b Author: Jakub Kicinski <kuba@kernel.org> Date: Mon Aug 15 17:23:58 2022 -0700 tls: rx: react to strparser initialization errors Even though the normal strparser's init function has a return value we got away with ignoring errors until now, as it only validates the parameters and we were passing correct parameters. tls_strp can fail to init on memory allocation errors, which syzbot duly induced and reported. Reported-by: syzbot+abd45eb849b05194b1b6@syzkaller.appspotmail.com Fixes: 84c61fe ("tls: rx: do not use the standard strparser") Signed-off-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Sabrina Dubroca <sdubroca@redhat.com>
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
@@ -2707,7 +2707,9 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx)
 			crypto_info->version != TLS_1_3_VERSION &&
 			!!(tfm->__crt_alg->cra_flags & CRYPTO_ALG_ASYNC);
 
-		tls_strp_init(&sw_ctx_rx->strp, sk);
+		rc = tls_strp_init(&sw_ctx_rx->strp, sk);
+		if (rc)
+			goto free_aead;
 	}
 
 	goto out;

Original file line number	Diff line number	Diff line change
`@@ -2707,7 +2707,9 @@ int tls_set_sw_offload(struct sock sk, struct tls_context ctx, int tx)`
`2707`	`2707`	`crypto_info->version != TLS_1_3_VERSION &&`
`2708`	`2708`	`!!(tfm->__crt_alg->cra_flags & CRYPTO_ALG_ASYNC);`
`2709`	`2709`
`2710`		`- tls_strp_init(&sw_ctx_rx->strp, sk);`
	`2710`	`+ rc = tls_strp_init(&sw_ctx_rx->strp, sk);`
	`2711`	`+ if (rc)`
	`2712`	`+ goto free_aead;`
`2711`	`2713`	`}`
`2712`	`2714`
`2713`	`2715`	`goto out;`