Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8f806658 authored by Zhen Kong's avatar Zhen Kong
Browse files

msm: crypto: Fix integer over flow check in qce driver



Integer overflow check is invalid when ULONG_MAX is used,
as ULONG_MAX has typeof 'unsigned long', while areq->assoclen,
q_req->crytlen, and qreq.ivsize are 'unsigned int'. Make change
to use UINT_MAX instead of ULONG_MAX.

Change-Id: If2bb1900c07af1ea162da362c913d4880b0bc755
Signed-off-by: default avatarZhen Kong <zkong@codeaurora.org>
parent 21cf412f
Loading
Loading
Loading
Loading
+3 −3
Original line number Diff line number Diff line
/* Qualcomm Crypto Engine driver.
 *
 * Copyright (c) 2010-2015, The Linux Foundation. All rights reserved.
 * Copyright (c) 2010-2016, The Linux Foundation. All rights reserved.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 and
@@ -1962,8 +1962,8 @@ int qce_aead_req(void *handle, struct qce_req *q_req)
	else
		q_req->cryptlen = areq->cryptlen - authsize;

	if ((q_req->cryptlen > ULONG_MAX - ivsize) ||
		(q_req->cryptlen + ivsize > ULONG_MAX - areq->assoclen)) {
	if ((q_req->cryptlen > UINT_MAX - ivsize) ||
		(q_req->cryptlen + ivsize > UINT_MAX - areq->assoclen)) {
		pr_err("Integer overflow on total aead req length.\n");
		return -EINVAL;
	}