Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8f806658 authored by Zhen Kong's avatar Zhen Kong
Browse files

msm: crypto: Fix integer over flow check in qce driver 



Integer overflow check is invalid when ULONG_MAX is used,
as ULONG_MAX has typeof 'unsigned long', while areq->assoclen,
q_req->crytlen, and qreq.ivsize are 'unsigned int'. Make change
to use UINT_MAX instead of ULONG_MAX.

Change-Id: If2bb1900c07af1ea162da362c913d4880b0bc755
Signed-off-by: default avatarZhen Kong <zkong@codeaurora.org>
parent 21cf412f

drivers/crypto/msm/qce.c

+3 −3
Original line number Diff line number Diff line 
/* Qualcomm Crypto Engine driver.

 *

 * Copyright (c) 2010-2015, The Linux Foundation. All rights reserved.

 * Copyright (c) 2010-2016, The Linux Foundation. All rights reserved.

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License version 2 and
@@ -1962,8 +1962,8 @@ int qce_aead_req(void *handle, struct qce_req *q_req) 
	else

		q_req->cryptlen = areq->cryptlen - authsize;



	if ((q_req->cryptlen > ULONG_MAX - ivsize) ||

		(q_req->cryptlen + ivsize > ULONG_MAX - areq->assoclen)) {

	if ((q_req->cryptlen > UINT_MAX - ivsize) ||

		(q_req->cryptlen + ivsize > UINT_MAX - areq->assoclen)) {

		pr_err("Integer overflow on total aead req length.\n");

		return -EINVAL;

	}