KEYS: fix cred refcount leak in request_key_auth_new()
authorEric Biggers <ebiggers@google.com>
Thu, 21 Sep 2017 20:57:40 +0000 (13:57 -0700)
committerDavid Howells <dhowells@redhat.com>
Mon, 25 Sep 2017 14:03:55 +0000 (15:03 +0100)
commit44d8143340a99b167c74365e844516b73523c087
treea5f1901a9c6323577946f36885f2dc81ec807416
parentebb2c2437d8008d46796902ff390653822af6cc4
KEYS: fix cred refcount leak in request_key_auth_new()

In request_key_auth_new(), if key_alloc() or key_instantiate_and_link()
were to fail, we would leak a reference to the 'struct cred'.  Currently
this can only happen if key_alloc() fails to allocate memory.  But it
still should be fixed, as it is a more severe bug waiting to happen.

Fix it by cleaning things up to use a helper function which frees a
'struct request_key_auth' correctly.

Fixes: d84f4f992cbd ("CRED: Inaugurate COW credentials")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
security/keys/request_key_auth.c