From 8ecb506d3476aa58077e79ef1f75395625458fcc Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers@google.com>
Date: Fri, 8 Dec 2017 15:13:28 +0000
Subject: [PATCH] pkcs7: return correct error code if pkcs7_check_authattrs() fails
Git-commit: 8ecb506d3476aa58077e79ef1f75395625458fcc
Patch-mainline: v4.15-rc3
References: bsc#1051510
If pkcs7_check_authattrs() returns an error code, we should pass that
error code on, rather than using ENOMEM.
Fixes: 99db44350672 ("PKCS#7: Appropriately restrict authenticated attributes and content type")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: James Morris <james.l.morris@oracle.com>
Acked-by: Takashi Iwai <tiwai@suse.de>
---
crypto/asymmetric_keys/pkcs7_parser.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
--- a/crypto/asymmetric_keys/pkcs7_parser.c
+++ b/crypto/asymmetric_keys/pkcs7_parser.c
@@ -143,8 +143,10 @@ struct pkcs7_message *pkcs7_parse_messag
}
ret = pkcs7_check_authattrs(ctx->msg);
- if (ret < 0)
+ if (ret < 0) {
+ msg = ERR_PTR(ret);
goto out;
+ }
msg = ctx->msg;
ctx->msg = NULL;