[PATCH] pkcs7: return correct error code if pkcs7_check_authattrs() fails

Eric Biggers Sun, 26 Nov 2017 23:19:57 -0800

From: Eric Biggers <[email protected]>

If pkcs7_check_authattrs() returns an error code, we should pass that
error code on, rather than using ENOMEM.


Fixes: 99db44350672 ("PKCS#7: Appropriately restrict authenticated attributes 
and content type")
Signed-off-by: Eric Biggers <[email protected]>
---
 crypto/asymmetric_keys/pkcs7_parser.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/asymmetric_keys/pkcs7_parser.c 
b/crypto/asymmetric_keys/pkcs7_parser.c
index c1ca1e86f5c4..a6dcaa659aa8 100644
--- a/crypto/asymmetric_keys/pkcs7_parser.c
+++ b/crypto/asymmetric_keys/pkcs7_parser.c
@@ -148,8 +148,10 @@ struct pkcs7_message *pkcs7_parse_message(const void 
*data, size_t datalen)
        }
 
        ret = pkcs7_check_authattrs(ctx->msg);
-       if (ret < 0)
+       if (ret < 0) {
+               msg = ERR_PTR(ret);
                goto out;
+       }
 
        msg = ctx->msg;
        ctx->msg = NULL;
-- 
2.15.0

[PATCH] pkcs7: return correct error code if pkcs7_check_authattrs() fails

Reply via email to