rxrpc: check return value of skb_to_sgvec always (ea63eca9) · Commits · e / devices / android_kernel_sony_msm8998

net/rxrpc/rxkad.c

+15 −6

Original line number	Diff line number	Diff line
		@@ -209,7 +209,7 @@ static int rxkad_secure_packet_encrypt(const struct rxrpc_call *call,
		struct sk_buff *trailer;
		unsigned int len;
		u16 check;
		int nsg;
		int nsg, err;

		sp = rxrpc_skb(skb);

		@@ -240,7 +240,9 @@ static int rxkad_secure_packet_encrypt(const struct rxrpc_call *call,
		len &= ~(call->conn->size_align - 1);

		sg_init_table(sg, nsg);
		skb_to_sgvec(skb, sg, 0, len);
		err = skb_to_sgvec(skb, sg, 0, len);
		if (unlikely(err < 0))
		return err;
		crypto_blkcipher_encrypt_iv(&desc, sg, sg, len);

		_leave(" = 0");
		@@ -336,7 +338,7 @@ static int rxkad_verify_packet_auth(const struct rxrpc_call *call,
		struct sk_buff *trailer;
		u32 data_size, buf;
		u16 check;
		int nsg;
		int nsg, ret;

		_enter("");

		@@ -348,7 +350,9 @@ static int rxkad_verify_packet_auth(const struct rxrpc_call *call,
		goto nomem;

		sg_init_table(sg, nsg);
		skb_to_sgvec(skb, sg, 0, 8);
		ret = skb_to_sgvec(skb, sg, 0, 8);
		if (unlikely(ret < 0))
		return ret;

		/* start the decryption afresh */
		memset(&iv, 0, sizeof(iv));
		@@ -411,7 +415,7 @@ static int rxkad_verify_packet_encrypt(const struct rxrpc_call *call,
		struct sk_buff *trailer;
		u32 data_size, buf;
		u16 check;
		int nsg;
		int nsg, ret;

		_enter(",{%d}", skb->len);

		@@ -430,7 +434,12 @@ static int rxkad_verify_packet_encrypt(const struct rxrpc_call *call,
		}

		sg_init_table(sg, nsg);
		skb_to_sgvec(skb, sg, 0, skb->len);
		ret = skb_to_sgvec(skb, sg, 0, skb->len);
		if (unlikely(ret < 0)) {
		if (sg != _sg)
		kfree(sg);
		return ret;
		}

		/* decrypt from the session key */
		token = call->conn->key->payload.data[0];