Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote: > Anyway, I think we should fix it by adding a new goto label that > does not free the SG list: > > unlock_free: > af_alg_free_sg(&ctx->sgl); > <--- Add new label here > hash_free_result(sk, ctx); > ctx->more = false; > goto unlock; Hmmm... Is that going to get you a potential memory leak? ctx->sgl.sgt.sgl could (in theory) point to an allocated table. I guess that would be cleaned up by af_alg_free_areq_sgls(), so there's probably no leak there. OTOH, af_alg_free_areq_sgls() is going to call af_alg_free_sg(), so maybe we want to initialise sgl->sgt.sgl to NULL as well. Does it make sense just to clear *ctx entirely in hash_accept_parent_nokey()? David