tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

crypto: algif_aead - Fix minimum RX size check for decryption

The check for the minimum receive buffer size did not take the
tag size into account during decryption. Fix this by adding the
required extra length.

Reported-by: syzbot+aa11561819dc42ebbc7c@syzkaller.appspotmail.com
Reported-by: Daniel Pouzzner <douzzer@mega.nu>
Fixes: d887c52d6ae4 ("crypto: algif_aead - overhaul memory management")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

Herbert Xu 3d14bd48 d702c340

+1 -1
+1 -1
crypto/algif_aead.c
··· 144 144 if (usedpages < outlen) { 145 145 size_t less = outlen - usedpages; 146 146 147 - if (used < less) { 147 + if (used < less + (ctx->enc ? 0 : as)) { 148 148 err = -EINVAL; 149 149 goto free; 150 150 }