This is a note to let you know that I've just added the patch titled
digsig: Fix memory leakage in digsig_verify_rsa()
to the 3.7-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
digsig-fix-memory-leakage-in-digsig_verify_rsa.patch
and it can be found in the queue-3.7 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <[email protected]> know about it.
>From 7810cc1e7721220f1ed2a23ca95113d6434f6dcd Mon Sep 17 00:00:00 2001
From: YOSHIFUJI Hideaki <[email protected]>
Date: Fri, 25 Jan 2013 16:54:20 +0200
Subject: digsig: Fix memory leakage in digsig_verify_rsa()
From: YOSHIFUJI Hideaki <[email protected]>
commit 7810cc1e7721220f1ed2a23ca95113d6434f6dcd upstream.
digsig_verify_rsa() does not free kmalloc'ed buffer returned by
mpi_get_buffer().
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
Signed-off-by: Dmitry Kasatkin <[email protected]>
Signed-off-by: James Morris <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
lib/digsig.c | 2 ++
1 file changed, 2 insertions(+)
--- a/lib/digsig.c
+++ b/lib/digsig.c
@@ -162,6 +162,8 @@ static int digsig_verify_rsa(struct key
memset(out1, 0, head);
memcpy(out1 + head, p, l);
+ kfree(p);
+
err = pkcs_1_v1_5_decode_emsa(out1, len, mblen, out2, &len);
if (err)
goto err;
Patches currently in stable-queue which might be from [email protected]
are
queue-3.7/digsig-fix-memory-leakage-in-digsig_verify_rsa.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
