From: Wei Yongjun weiyongjun1@huawei.com
commit e0664ebcea6ac5e16da703409fb4bd61f8cd37d9 upstream.
Fix to return negative error code -ENOMEM from the kzalloc error handling case instead of 0, as done elsewhere in this function.
Reported-by: Xiumei Mu xmu@redhat.com Fixes: db07cd26ac6a ("crypto: drbg - add FIPS 140-2 CTRNG for noise source") Cc: stable@vger.kernel.org Signed-off-by: Wei Yongjun weiyongjun1@huawei.com Reviewed-by: Stephan Mueller smueller@chronox.de Signed-off-by: Herbert Xu herbert@gondor.apana.org.au Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
--- crypto/drbg.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)
--- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -1294,8 +1294,10 @@ static inline int drbg_alloc_state(struc if (IS_ENABLED(CONFIG_CRYPTO_FIPS)) { drbg->prev = kzalloc(drbg_sec_strength(drbg->core->flags), GFP_KERNEL); - if (!drbg->prev) + if (!drbg->prev) { + ret = -ENOMEM; goto fini; + } drbg->fips_primed = false; }