ecryptfs: checking return code of ecryptfs_find_auth_tok_for_sig()

This patch replaces the check of the 'matching_auth_tok' pointer with the exit status of ecryptfs_find_auth_tok_for_sig(). This avoids to use authentication tokens obtained through the function ecryptfs_keyring_auth_tok_for_sig which are not valid. Signed-off-by: Roberto Sassu <roberto.sassu@polito.it> Cc: Dustin Kirkland <kirkland@canonical.com> Cc: James Morris <jmorris@namei.org> Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>

ecryptfs: checking return code of ecryptfs_find_auth_tok_for_sig()
This patch replaces the check of the 'matching_auth_tok' pointer with the exit status of ecryptfs_find_auth_tok_for_sig(). This avoids to use authentication tokens obtained through the function ecryptfs_keyring_auth_tok_for_sig which are not valid. Signed-off-by: Roberto Sassu <roberto.sassu@polito.it> Cc: Dustin Kirkland <kirkland@canonical.com> Cc: James Morris <jmorris@namei.org> Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
Roberto Sassu · Tyler Hicks
1 parent aee683b9e7
Showing 1 changed file with 2 additions and 2 deletions Side-by-side Diff
fs/ecryptfs/keystore.c
@@ -1819,11 +1819,11 @@
 			rc = -EINVAL;
 			goto out_wipe_list;
 		}
-		ecryptfs_find_auth_tok_for_sig(&auth_tok_key,
+		rc = ecryptfs_find_auth_tok_for_sig(&auth_tok_key,
 					       &matching_auth_tok,
 					       crypt_stat->mount_crypt_stat,
 					       candidate_auth_tok_sig);
-		if (matching_auth_tok) {
+		if (!rc) {
 			found_auth_tok = 1;
 			goto found_matching_auth_tok;
 		}
...	...	@@ -1819,11 +1819,11 @@
1819	1819	rc = -EINVAL;
1820	1820	goto out_wipe_list;
1821	1821	}
1822		- ecryptfs_find_auth_tok_for_sig(&auth_tok_key,
	1822	+ rc = ecryptfs_find_auth_tok_for_sig(&auth_tok_key,
1823	1823	&matching_auth_tok,
1824	1824	crypt_stat->mount_crypt_stat,
1825	1825	candidate_auth_tok_sig);
1826		- if (matching_auth_tok) {
	1826	+ if (!rc) {
1827	1827	found_auth_tok = 1;
1828	1828	goto found_matching_auth_tok;
1829	1829	}