Patchwork [3.5.y.z,extended,stable] Patch "digsig: Fix memory leakage in digsig_verify_rsa()" has been added to staging queue

mail settings
Submitter Herton Ronaldo Krzesinski
Date Feb. 12, 2013, 9:18 p.m.
Message ID <>
Download mbox | patch
Permalink /patch/219978/
State New
Headers show


Herton Ronaldo Krzesinski - Feb. 12, 2013, 9:18 p.m.
This is a note to let you know that I have just added a patch titled

    digsig: Fix memory leakage in digsig_verify_rsa()

to the linux-3.5.y-queue branch of the 3.5.y.z extended stable tree 
which can be found at:;a=shortlog;h=refs/heads/linux-3.5.y-queue

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.5.y.z tree, see



From 7d6b130b4d63175f48fc26dbc5ede1d5ac0d48c1 Mon Sep 17 00:00:00 2001
From: YOSHIFUJI Hideaki <>
Date: Fri, 25 Jan 2013 16:54:20 +0200
Subject: [PATCH] digsig: Fix memory leakage in digsig_verify_rsa()

commit 7810cc1e7721220f1ed2a23ca95113d6434f6dcd upstream.

digsig_verify_rsa() does not free kmalloc'ed buffer returned by

Signed-off-by: YOSHIFUJI Hideaki <>
Signed-off-by: Dmitry Kasatkin <>
Signed-off-by: James Morris <>
Signed-off-by: Herton Ronaldo Krzesinski <>
 lib/digsig.c |    2 ++
 1 file changed, 2 insertions(+)



diff --git a/lib/digsig.c b/lib/digsig.c
index 8c0e629..dc2be7e 100644
--- a/lib/digsig.c
+++ b/lib/digsig.c
@@ -162,6 +162,8 @@  static int digsig_verify_rsa(struct key *key,
 	memset(out1, 0, head);
 	memcpy(out1 + head, p, l);

+	kfree(p);
 	err = pkcs_1_v1_5_decode_emsa(out1, len, mblen, out2, &len);
 	if (err)
 		goto err;