In the commit referenced by the Fixes tag, crypto_alloc_cipher()
was moved from reset_prng_context() to cprng_init(). However,
this approach does not account for the error path: when
reset_prng_context() fails, crypto_free_cipher() is never called,
resulting in a resource leak.

Free the allocated cipher before returning on reset_prng_context()
failure.

Fixes: fd09d7facb7c ("crypto: ansi_prng - alloc cipher just in init")
Signed-off-by: Haotian Zhang <vulab@iscas.ac.cn>
---
 crypto/ansi_cprng.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/ansi_cprng.c b/crypto/ansi_cprng.c
index 153523ce6076..6cf505bcf794 100644
--- a/crypto/ansi_cprng.c
+++ b/crypto/ansi_cprng.c
@@ -329,8 +329,10 @@ static int cprng_init(struct crypto_tfm *tfm)
 		return PTR_ERR(ctx->tfm);
 	}
 
-	if (reset_prng_context(ctx, NULL, DEFAULT_PRNG_KSZ, NULL, NULL) < 0)
+	if (reset_prng_context(ctx, NULL, DEFAULT_PRNG_KSZ, NULL, NULL) < 0) {
+		crypto_free_cipher(ctx->tfm);
 		return -EINVAL;
+	}
 
 	/*
 	 * after allocation, we should always force the user to reset
-- 
2.50.1.windows.1

On Thu, Nov 06, 2025 at 04:48:50PM +0800, Haotian Zhang wrote:
> In the commit referenced by the Fixes tag, crypto_alloc_cipher()
> was moved from reset_prng_context() to cprng_init(). However,
> this approach does not account for the error path: when
> reset_prng_context() fails, crypto_free_cipher() is never called,
> resulting in a resource leak.
> 
> Free the allocated cipher before returning on reset_prng_context()
> failure.
> 
> Fixes: fd09d7facb7c ("crypto: ansi_prng - alloc cipher just in init")
> Signed-off-by: Haotian Zhang <vulab@iscas.ac.cn>
> ---
>  crypto/ansi_cprng.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)

Please instead provide a patch to remove ansi_cprng.  It's obsolete
and unused.

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt