Commit 6fd06963 authored by Steffen Klassert's avatar Steffen Klassert
Browse files

xfrm: Fix error reporting in xfrm_state_construct. 



When memory allocation for XFRMA_ENCAP or XFRMA_COADDR fails,
the error will not be reported because the -ENOMEM assignment
to the err variable is overwritten before. Fix this by moving
these two in front of the function so that memory allocation
failures will be reported.

Reported-by: default avatarTobias Brunner <tobias@strongswan.org>
Signed-off-by: default avatarSteffen Klassert <steffen.klassert@secunet.com>
parent eebd49a4

net/xfrm/xfrm_user.c

+14 −14
Original line number Diff line number Diff line
@@ -580,6 +580,20 @@ static struct xfrm_state *xfrm_state_construct(struct net *net, 


	copy_from_user_state(x, p);



	if (attrs[XFRMA_ENCAP]) {

		x->encap = kmemdup(nla_data(attrs[XFRMA_ENCAP]),

				   sizeof(*x->encap), GFP_KERNEL);

		if (x->encap == NULL)

			goto error;

	}



	if (attrs[XFRMA_COADDR]) {

		x->coaddr = kmemdup(nla_data(attrs[XFRMA_COADDR]),

				    sizeof(*x->coaddr), GFP_KERNEL);

		if (x->coaddr == NULL)

			goto error;

	}



	if (attrs[XFRMA_SA_EXTRA_FLAGS])

		x->props.extra_flags = nla_get_u32(attrs[XFRMA_SA_EXTRA_FLAGS]);
@@ -600,23 +614,9 @@ static struct xfrm_state *xfrm_state_construct(struct net *net, 
				   attrs[XFRMA_ALG_COMP])))

		goto error;



	if (attrs[XFRMA_ENCAP]) {

		x->encap = kmemdup(nla_data(attrs[XFRMA_ENCAP]),

				   sizeof(*x->encap), GFP_KERNEL);

		if (x->encap == NULL)

			goto error;

	}



	if (attrs[XFRMA_TFCPAD])

		x->tfcpad = nla_get_u32(attrs[XFRMA_TFCPAD]);



	if (attrs[XFRMA_COADDR]) {

		x->coaddr = kmemdup(nla_data(attrs[XFRMA_COADDR]),

				    sizeof(*x->coaddr), GFP_KERNEL);

		if (x->coaddr == NULL)

			goto error;

	}



	xfrm_mark_get(attrs, &x->mark);



	xfrm_smark_init(attrs, &x->props.smark);