Skip to content

Commit

Permalink
net: sctp: sctp_setsockopt_auth_key: use kzfree instead of kfree
Browse files Browse the repository at this point in the history
In sctp_setsockopt_auth_key, we create a temporary copy of the user
passed shared auth key for the endpoint or association and after
internal setup, we free it right away. Since it's sensitive data, we
should zero out the key before returning the memory back to the
allocator. Thus, use kzfree instead of kfree, just as we do in
sctp_auth_key_put().

Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
Daniel Borkmann authored and David S. Miller committed Feb 8, 2013
1 parent ab54ee8 commit 6ba542a
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion net/sctp/socket.c
Original file line number Diff line number Diff line change
Expand Up @@ -3390,7 +3390,7 @@ static int sctp_setsockopt_auth_key(struct sock *sk,

ret = sctp_auth_set_key(sctp_sk(sk)->ep, asoc, authkey);
out:
kfree(authkey);
kzfree(authkey);
return ret;
}

Expand Down

0 comments on commit 6ba542a

Please sign in to comment.