From 2e2e26d14ed556cf57d65e109066a7c7d7ce00ac Mon Sep 17 00:00:00 2001
From: John Baldwin <jhb@FreeBSD.org>
Date: Wed, 5 Apr 2017 01:46:41 +0000
Subject: [PATCH] Don't leak a session and lock if a GMAC key has an invalid
 length.

Reviewed by:	delphij (secteam)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D10273
---
 sys/opencrypto/cryptosoft.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/sys/opencrypto/cryptosoft.c b/sys/opencrypto/cryptosoft.c
index 052916b8b68..e26390a9b5c 100644
--- a/sys/opencrypto/cryptosoft.c
+++ b/sys/opencrypto/cryptosoft.c
@@ -930,8 +930,11 @@ swcr_newsession(device_t dev, u_int32_t *sid, struct cryptoini *cri)
 			axf = &auth_hash_nist_gmac_aes_256;
 		auth4common:
 			len = cri->cri_klen / 8;
-			if (len != 16 && len != 24 && len != 32)
+			if (len != 16 && len != 24 && len != 32) {
+				swcr_freesession_locked(dev, i);
+				rw_runlock(&swcr_sessions_lock);
 				return EINVAL;
+			}
 
 			(*swd)->sw_ictx = malloc(axf->ctxsize, M_CRYPTO_DATA,
 			    M_NOWAIT);