Hi, In sr_crypto_change_maskkey() p was being checked for NULL twice, once after malloc() and once at goto label. I think malloc() failure would be the only case where p doesn't need to be freed, so add a special goto label for this. Sorry if I got it wrong.
- Michael Index: softraid_crypto.c =================================================================== RCS file: /cvs/src/sys/dev/softraid_crypto.c,v retrieving revision 1.131 diff -u -p -u -r1.131 softraid_crypto.c --- softraid_crypto.c 8 Sep 2016 17:39:08 -0000 1.131 +++ softraid_crypto.c 17 Jan 2017 04:34:57 -0000 @@ -548,7 +548,7 @@ sr_crypto_change_maskkey(struct sr_disci ksz = sizeof(sd->mds.mdd_crypto.scr_key); p = malloc(ksz, M_DEVBUF, M_WAITOK | M_CANFAIL | M_ZERO); if (p == NULL) - goto out; + goto out_nomem; if (sr_crypto_decrypt(c, p, kdfinfo1->maskkey, ksz, sd->mds.mdd_crypto.scr_meta->scm_mask_alg) == -1) @@ -597,11 +597,10 @@ sr_crypto_change_maskkey(struct sr_disci rv = 0; /* Success */ out: - if (p) { - explicit_bzero(p, ksz); - free(p, M_DEVBUF, ksz); - } + explicit_bzero(p, ksz); + free(p, M_DEVBUF, ksz); +out_nomem: explicit_bzero(check_digest, sizeof(check_digest)); explicit_bzero(&kdfinfo1->maskkey, sizeof(kdfinfo1->maskkey)); explicit_bzero(&kdfinfo2->maskkey, sizeof(kdfinfo2->maskkey));