[PATCH] dm: crypto: Check malloc return value
Francois Berder
fberder at outlook.fr
Thu Dec 4 20:34:12 CET 2025
tmp_buffer is allocated using malloc but failure
is not handled.
This commit ensures that we do not use a NULL pointer
if malloc fails.
Signed-off-by: Francois Berder <fberder at outlook.fr>
---
drivers/crypto/aes/aes-uclass.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/aes/aes-uclass.c b/drivers/crypto/aes/aes-uclass.c
index 745c6ce57a9..5bdd3d736c4 100644
--- a/drivers/crypto/aes/aes-uclass.c
+++ b/drivers/crypto/aes/aes-uclass.c
@@ -156,13 +156,17 @@ int dm_aes_cmac(struct udevice *dev, u8 *src, u8 *dst, u32 num_aes_blocks)
/* Process all blocks except last by calling engine several times per dma buffer size */
if (num_aes_blocks > 1) {
tmp_buffer = malloc(AES_BLOCK_LENGTH * min(num_aes_blocks - 1, TMP_BUFFER_LEN));
+ if (!tmp_buffer)
+ return -1;
while (num_aes_blocks > 1) {
u32 blocks = min(num_aes_blocks - 1, TMP_BUFFER_LEN);
/* Encrypt the current remaining set of blocks that fits in tmp buffer */
ret = dm_aes_cbc_encrypt(dev, tmp_block, src, tmp_buffer, blocks);
- if (ret)
+ if (ret) {
+ free(tmp_buffer);
return -1;
+ }
num_aes_blocks -= blocks;
src += blocks * AES_BLOCK_LENGTH;
--
2.43.0
More information about the U-Boot
mailing list