Patchwork [61/81] net: sctp: sctp_setsockopt_auth_key: use kzfree instead of kfree

login
register
mail settings
Submitter Herton Ronaldo Krzesinski
Date Feb. 19, 2013, 6:49 p.m.
Message ID <1361299784-8830-62-git-send-email-herton.krzesinski@canonical.com>
Download mbox | patch
Permalink /patch/221830/
State New
Headers show

Comments

Herton Ronaldo Krzesinski - Feb. 19, 2013, 6:49 p.m.
3.5.7.6 -stable review patch.  If anyone has any objections, please let me know.

------------------

From: Daniel Borkmann <dborkman@redhat.com>

commit 6ba542a291a5e558603ac51cda9bded347ce7627 upstream.

In sctp_setsockopt_auth_key, we create a temporary copy of the user
passed shared auth key for the endpoint or association and after
internal setup, we free it right away. Since it's sensitive data, we
should zero out the key before returning the memory back to the
allocator. Thus, use kzfree instead of kfree, just as we do in
sctp_auth_key_put().

Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>
---
 net/sctp/socket.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Patch

diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index 944cfce..957bb6e 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -3375,7 +3375,7 @@  static int sctp_setsockopt_auth_key(struct sock *sk,
 
 	ret = sctp_auth_set_key(sctp_sk(sk)->ep, asoc, authkey);
 out:
-	kfree(authkey);
+	kzfree(authkey);
 	return ret;
 }