On Tue, Jul 17, 2018 at 9:43 AM, Eric Biggers <ebiggers3@xxxxxxxxx> wrote: > On Mon, Jul 16, 2018 at 09:21:49PM -0700, Kees Cook wrote: >> + reqsize = sizeof(struct shash_desc) + crypto_shash_descsize(shash); >> + if (WARN_ON(reqsize > AHASH_MAX_REQSIZE)) { >> + crypto_mod_put(calg); >> + return -EINVAL; >> + } > > 'crypto_free_shash(shash);' instead of 'crypto_mod_put(calg);' Oops! Yes, thanks; I have fixed it now in the next version. -Kees -- Kees Cook Pixel Security