diff options
| author | Greg Kroah-Hartman | 2019-01-28 08:44:58 +0100 |
|---|---|---|
| committer | Greg Kroah-Hartman | 2019-01-28 08:44:58 +0100 |
| commit | c9381e185fdcf86e9d7966d638c933894f87cdd7 (patch) | |
| tree | d99259aded85a3fb95e9d52c56d9d3a0cfdfe460 /crypto/authenc.c | |
| parent | usb: ftdi-elan: Fix if == else warnings in ftdi_elan_respond_engine (diff) | |
| parent | Linux 5.0-rc4 (diff) | |
| download | kernel-qcow2-linux-c9381e185fdcf86e9d7966d638c933894f87cdd7.tar.gz kernel-qcow2-linux-c9381e185fdcf86e9d7966d638c933894f87cdd7.tar.xz kernel-qcow2-linux-c9381e185fdcf86e9d7966d638c933894f87cdd7.zip | |
Merge 5.0-rc4 into usb-next
We need the USB fixes in here as well.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'crypto/authenc.c')
| -rw-r--r-- | crypto/authenc.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/crypto/authenc.c b/crypto/authenc.c index 37f54d1b2f66..4be293a4b5f0 100644 --- a/crypto/authenc.c +++ b/crypto/authenc.c @@ -58,14 +58,22 @@ int crypto_authenc_extractkeys(struct crypto_authenc_keys *keys, const u8 *key, return -EINVAL; if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM) return -EINVAL; - if (RTA_PAYLOAD(rta) < sizeof(*param)) + + /* + * RTA_OK() didn't align the rtattr's payload when validating that it + * fits in the buffer. Yet, the keys should start on the next 4-byte + * aligned boundary. To avoid confusion, require that the rtattr + * payload be exactly the param struct, which has a 4-byte aligned size. + */ + if (RTA_PAYLOAD(rta) != sizeof(*param)) return -EINVAL; + BUILD_BUG_ON(sizeof(*param) % RTA_ALIGNTO); param = RTA_DATA(rta); keys->enckeylen = be32_to_cpu(param->enckeylen); - key += RTA_ALIGN(rta->rta_len); - keylen -= RTA_ALIGN(rta->rta_len); + key += rta->rta_len; + keylen -= rta->rta_len; if (keylen < keys->enckeylen) return -EINVAL; |