]> www.infradead.org Git - users/dwmw2/qemu.git/commitdiff
crypto: avoid leak of ctx when bad cipher mode is given
authorDaniel P. Berrangé <berrange@redhat.com>
Mon, 10 Jun 2024 09:26:18 +0000 (10:26 +0100)
committerDaniel P. Berrangé <berrange@redhat.com>
Mon, 9 Sep 2024 14:13:38 +0000 (15:13 +0100)
Fixes: Coverity CID 1546884
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
crypto/cipher-nettle.c.inc

index 42b39e18a23d49b1a5d86eaa5874f849f444b522..766de036ba2012e1638fe9affa25818708a99d68 100644 (file)
@@ -734,16 +734,19 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
 #ifdef CONFIG_CRYPTO_SM4
     case QCRYPTO_CIPHER_ALG_SM4:
         {
-            QCryptoNettleSm4 *ctx = g_new0(QCryptoNettleSm4, 1);
+            QCryptoNettleSm4 *ctx;
+            const QCryptoCipherDriver *drv;
 
             switch (mode) {
             case QCRYPTO_CIPHER_MODE_ECB:
-                ctx->base.driver = &qcrypto_nettle_sm4_driver_ecb;
+                drv = &qcrypto_nettle_sm4_driver_ecb;
                 break;
             default:
                 goto bad_cipher_mode;
             }
 
+            ctx = g_new0(QCryptoNettleSm4, 1);
+            ctx->base.driver = drv;
             sm4_set_encrypt_key(&ctx->key[0], key);
             sm4_set_decrypt_key(&ctx->key[1], key);