copy_from_user could copy some partial information, as a result
TLS_CRYPTO_INFO_READY(crypto_info) could be true while crypto_info is
using uninitialzed data.

This patch resets crypto_info when copy_from_user fails.

fixes: 3c4d7559159b ("tls: kernel TLS support")
Signed-off-by: Boris Pismenny <bor...@mellanox.com>
---
 net/tls/tls_main.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c
index a6c3702..c105f86 100644
--- a/net/tls/tls_main.c
+++ b/net/tls/tls_main.c
@@ -376,7 +376,7 @@ static int do_tls_setsockopt_tx(struct sock *sk, char 
__user *optval,
        rc = copy_from_user(crypto_info, optval, sizeof(*crypto_info));
        if (rc) {
                rc = -EFAULT;
-               goto out;
+               goto err_crypto_info;
        }
 
        /* check version */
-- 
1.8.3.1

Reply via email to