[linux-next:master 4693/7876] crypto/asymmetric_keys/x509_cert_parser.c:69:9-15: ERROR: allocation function on line 68 returns NULL not ERR_PTR on failure

linux-mm.kvack.org archive mirror
 help / color / mirror / Atom feed

From: kernel test robot <lkp@intel.com>
To: Lukas Wunner <lukas@wunner.de>
Cc: oe-kbuild-all@lists.linux.dev,
	Linux Memory Management List <linux-mm@kvack.org>,
	Herbert Xu <herbert@gondor.apana.org.au>
Subject: [linux-next:master 4693/7876] crypto/asymmetric_keys/x509_cert_parser.c:69:9-15: ERROR: allocation function on line 68 returns NULL not ERR_PTR on failure
Date: Wed, 24 Apr 2024 09:17:59 +0800	[thread overview]
Message-ID: <202404240904.Qi3nM37B-lkp@intel.com> (raw)

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
head:   a59668a9397e7245b26e9be85d23f242ff757ae8
commit: 5c6ca9d936654a135b459c846885e08966e5e5bf [4693/7876] X.509: Introduce scope-based x509_certificate allocation
config: sparc-randconfig-r061-20240423 (https://download.01.org/0day-ci/archive/20240424/202404240904.Qi3nM37B-lkp@intel.com/config)
compiler: sparc64-linux-gcc (GCC) 13.2.0

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202404240904.Qi3nM37B-lkp@intel.com/

cocci warnings: (new ones prefixed by >>)
>> crypto/asymmetric_keys/x509_cert_parser.c:69:9-15: ERROR: allocation function on line 68 returns NULL not ERR_PTR on failure

vim +69 crypto/asymmetric_keys/x509_cert_parser.c

    57	
    58	/*
    59	 * Parse an X.509 certificate
    60	 */
    61	struct x509_certificate *x509_cert_parse(const void *data, size_t datalen)
    62	{
    63		struct x509_certificate *cert __free(x509_free_certificate);
    64		struct x509_parse_context *ctx __free(kfree) = NULL;
    65		struct asymmetric_key_id *kid;
    66		long ret;
    67	
  > 68		cert = kzalloc(sizeof(struct x509_certificate), GFP_KERNEL);
  > 69		assume(!IS_ERR(cert)); /* Avoid gratuitous IS_ERR() check on return */
    70		if (!cert)
    71			return ERR_PTR(-ENOMEM);
    72		cert->pub = kzalloc(sizeof(struct public_key), GFP_KERNEL);
    73		if (!cert->pub)
    74			return ERR_PTR(-ENOMEM);
    75		cert->sig = kzalloc(sizeof(struct public_key_signature), GFP_KERNEL);
    76		if (!cert->sig)
    77			return ERR_PTR(-ENOMEM);
    78		ctx = kzalloc(sizeof(struct x509_parse_context), GFP_KERNEL);
    79		if (!ctx)
    80			return ERR_PTR(-ENOMEM);
    81	
    82		ctx->cert = cert;
    83		ctx->data = (unsigned long)data;
    84	
    85		/* Attempt to decode the certificate */
    86		ret = asn1_ber_decoder(&x509_decoder, ctx, data, datalen);
    87		if (ret < 0)
    88			return ERR_PTR(ret);
    89	
    90		/* Decode the AuthorityKeyIdentifier */
    91		if (ctx->raw_akid) {
    92			pr_devel("AKID: %u %*phN\n",
    93				 ctx->raw_akid_size, ctx->raw_akid_size, ctx->raw_akid);
    94			ret = asn1_ber_decoder(&x509_akid_decoder, ctx,
    95					       ctx->raw_akid, ctx->raw_akid_size);
    96			if (ret < 0) {
    97				pr_warn("Couldn't decode AuthKeyIdentifier\n");
    98				return ERR_PTR(ret);
    99			}
   100		}
   101	
   102		cert->pub->key = kmemdup(ctx->key, ctx->key_size, GFP_KERNEL);
   103		if (!cert->pub->key)
   104			return ERR_PTR(-ENOMEM);
   105	
   106		cert->pub->keylen = ctx->key_size;
   107	
   108		cert->pub->params = kmemdup(ctx->params, ctx->params_size, GFP_KERNEL);
   109		if (!cert->pub->params)
   110			return ERR_PTR(-ENOMEM);
   111	
   112		cert->pub->paramlen = ctx->params_size;
   113		cert->pub->algo = ctx->key_algo;
   114	
   115		/* Grab the signature bits */
   116		ret = x509_get_sig_params(cert);
   117		if (ret < 0)
   118			return ERR_PTR(ret);
   119	
   120		/* Generate cert issuer + serial number key ID */
   121		kid = asymmetric_key_generate_id(cert->raw_serial,
   122						 cert->raw_serial_size,
   123						 cert->raw_issuer,
   124						 cert->raw_issuer_size);
   125		if (IS_ERR(kid))
   126			return ERR_CAST(kid);
   127		cert->id = kid;
   128	
   129		/* Detect self-signed certificates */
   130		ret = x509_check_for_self_signed(cert);
   131		if (ret < 0)
   132			return ERR_PTR(ret);
   133	
   134		return_ptr(cert);
   135	}
   136	EXPORT_SYMBOL_GPL(x509_cert_parse);
   137	

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

                 reply	other threads:[~2024-04-24  1:18 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=202404240904.Qi3nM37B-lkp@intel.com \
    --to=lkp@intel.com \
    --cc=herbert@gondor.apana.org.au \
    --cc=linux-mm@kvack.org \
    --cc=lukas@wunner.de \
    --cc=oe-kbuild-all@lists.linux.dev \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox