Commit 6ba542a2 authored by Daniel Borkmann's avatar Daniel Borkmann Committed by David S. Miller
Browse files

net: sctp: sctp_setsockopt_auth_key: use kzfree instead of kfree 



In sctp_setsockopt_auth_key, we create a temporary copy of the user
passed shared auth key for the endpoint or association and after
internal setup, we free it right away. Since it's sensitive data, we
should zero out the key before returning the memory back to the
allocator. Thus, use kzfree instead of kfree, just as we do in
sctp_auth_key_put().

Signed-off-by: default avatarDaniel Borkmann <dborkman@redhat.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent ab54ee80

net/sctp/socket.c

+1 −1
Original line number Diff line number Diff line
@@ -3390,7 +3390,7 @@ static int sctp_setsockopt_auth_key(struct sock *sk, 


	ret = sctp_auth_set_key(sctp_sk(sk)->ep, asoc, authkey);

out:

	kfree(authkey);

	kzfree(authkey);

	return ret;

}

CRA Git | Maintained and supported by SUSTech CRA and CCSE