diff options
author | Stephan Mueller <smueller@chronox.de> | 2016-12-01 08:22:37 +0100 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2016-12-01 21:06:44 +0800 |
commit | 5937d81a9613a98381c1571a159ac971ae02182c (patch) | |
tree | 037fb547505846438c65f8afb8517f29654bba50 | |
parent | efad2b61ae258df4fb3896f5e7cd9c701f4979e6 (diff) |
crypto: algif_aead - fix AIO handling of zero buffer
Handle the case when the caller provided a zero buffer to
sendmsg/sendpage. Such scenario is legal for AEAD ciphers when no
plaintext / ciphertext and no AAD is provided and the caller only
requests the generation of the tag value.
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r-- | crypto/algif_aead.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/crypto/algif_aead.c b/crypto/algif_aead.c index 80a0f1a78551..6e9513701533 100644 --- a/crypto/algif_aead.c +++ b/crypto/algif_aead.c @@ -448,12 +448,13 @@ static int aead_recvmsg_async(struct socket *sock, struct msghdr *msg, used -= ctx->aead_assoclen + (ctx->enc ? as : 0); /* take over all tx sgls from ctx */ - areq->tsgl = sock_kmalloc(sk, sizeof(*areq->tsgl) * sgl->cur, + areq->tsgl = sock_kmalloc(sk, + sizeof(*areq->tsgl) * max_t(u32, sgl->cur, 1), GFP_KERNEL); if (unlikely(!areq->tsgl)) goto free; - sg_init_table(areq->tsgl, sgl->cur); + sg_init_table(areq->tsgl, max_t(u32, sgl->cur, 1)); for (i = 0; i < sgl->cur; i++) sg_set_page(&areq->tsgl[i], sg_page(&sgl->sg[i]), sgl->sg[i].length, sgl->sg[i].offset); |