tree: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master head: a59668a9397e7245b26e9be85d23f242ff757ae8 commit: 5c6ca9d936654a135b459c846885e08966e5e5bf [4693/7876] X.509: Introduce scope-based x509_certificate allocation config: sparc-randconfig-r061-20240423 (https://download.01.org/0day-ci/archive/20240424/202404240904.Qi3nM37B-lkp@xxxxxxxxx/config) compiler: sparc64-linux-gcc (GCC) 13.2.0 If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp@xxxxxxxxx> | Closes: https://lore.kernel.org/oe-kbuild-all/202404240904.Qi3nM37B-lkp@xxxxxxxxx/ cocci warnings: (new ones prefixed by >>) >> crypto/asymmetric_keys/x509_cert_parser.c:69:9-15: ERROR: allocation function on line 68 returns NULL not ERR_PTR on failure vim +69 crypto/asymmetric_keys/x509_cert_parser.c 57 58 /* 59 * Parse an X.509 certificate 60 */ 61 struct x509_certificate *x509_cert_parse(const void *data, size_t datalen) 62 { 63 struct x509_certificate *cert __free(x509_free_certificate); 64 struct x509_parse_context *ctx __free(kfree) = NULL; 65 struct asymmetric_key_id *kid; 66 long ret; 67 > 68 cert = kzalloc(sizeof(struct x509_certificate), GFP_KERNEL); > 69 assume(!IS_ERR(cert)); /* Avoid gratuitous IS_ERR() check on return */ 70 if (!cert) 71 return ERR_PTR(-ENOMEM); 72 cert->pub = kzalloc(sizeof(struct public_key), GFP_KERNEL); 73 if (!cert->pub) 74 return ERR_PTR(-ENOMEM); 75 cert->sig = kzalloc(sizeof(struct public_key_signature), GFP_KERNEL); 76 if (!cert->sig) 77 return ERR_PTR(-ENOMEM); 78 ctx = kzalloc(sizeof(struct x509_parse_context), GFP_KERNEL); 79 if (!ctx) 80 return ERR_PTR(-ENOMEM); 81 82 ctx->cert = cert; 83 ctx->data = (unsigned long)data; 84 85 /* Attempt to decode the certificate */ 86 ret = asn1_ber_decoder(&x509_decoder, ctx, data, datalen); 87 if (ret < 0) 88 return ERR_PTR(ret); 89 90 /* Decode the AuthorityKeyIdentifier */ 91 if (ctx->raw_akid) { 92 pr_devel("AKID: %u %*phN\n", 93 ctx->raw_akid_size, ctx->raw_akid_size, ctx->raw_akid); 94 ret = asn1_ber_decoder(&x509_akid_decoder, ctx, 95 ctx->raw_akid, ctx->raw_akid_size); 96 if (ret < 0) { 97 pr_warn("Couldn't decode AuthKeyIdentifier\n"); 98 return ERR_PTR(ret); 99 } 100 } 101 102 cert->pub->key = kmemdup(ctx->key, ctx->key_size, GFP_KERNEL); 103 if (!cert->pub->key) 104 return ERR_PTR(-ENOMEM); 105 106 cert->pub->keylen = ctx->key_size; 107 108 cert->pub->params = kmemdup(ctx->params, ctx->params_size, GFP_KERNEL); 109 if (!cert->pub->params) 110 return ERR_PTR(-ENOMEM); 111 112 cert->pub->paramlen = ctx->params_size; 113 cert->pub->algo = ctx->key_algo; 114 115 /* Grab the signature bits */ 116 ret = x509_get_sig_params(cert); 117 if (ret < 0) 118 return ERR_PTR(ret); 119 120 /* Generate cert issuer + serial number key ID */ 121 kid = asymmetric_key_generate_id(cert->raw_serial, 122 cert->raw_serial_size, 123 cert->raw_issuer, 124 cert->raw_issuer_size); 125 if (IS_ERR(kid)) 126 return ERR_CAST(kid); 127 cert->id = kid; 128 129 /* Detect self-signed certificates */ 130 ret = x509_check_for_self_signed(cert); 131 if (ret < 0) 132 return ERR_PTR(ret); 133 134 return_ptr(cert); 135 } 136 EXPORT_SYMBOL_GPL(x509_cert_parse); 137 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki
