Gitiles
Code Review Sign In
android-review.linaro.org / kernel / hikey-linaro / 0f6bb83cb12e4617e696ffa566f3fc6c092686e2
commit0f6bb83cb12e4617e696ffa566f3fc6c092686e2[log] [tgz]
authorHerbert Xu <herbert@gondor.apana.org.au>Tue Nov 30 16:49:02 2010 +0800
committerHerbert Xu <herbert@gondor.apana.org.au>Tue Nov 30 16:49:02 2010 +0800
treec871ab8acedb25ba19de73be427620af8475236d
parent7451708f39db19a8303bb7fb95f00aca9f673cb5 [diff]
crypto: algif_skcipher - Fixed overflow when sndbuf is page aligned

When sk_sndbuf is not a multiple of PAGE_SIZE, the limit tests
in sendmsg fail as the limit variable becomes negative and we're
using an unsigned comparison.

The same thing can happen if sk_sndbuf is lowered after a sendmsg
call.

This patch fixes this by always taking the signed maximum of limit
and 0 before we perform the comparison.

It also rounds the value of sk_sndbuf down to a multiple of PAGE_SIZE
so that we don't end up allocating a page only to use a small number
of bytes in it because we're bound by sk_sndbuf.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
1 file changed
tree: c871ab8acedb25ba19de73be427620af8475236d
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. MAINTAINERS
  28. Makefile
  29. README
  30. REPORTING-BUGS