diff options
| author | Yehuda Sadeh <yehuda@hq.newdream.net> | 2009-04-04 12:31:02 +0800 |
|---|---|---|
| committer | Chris Wright <chrisw@sous-sol.org> | 2009-04-27 10:36:58 -0700 |
| commit | fce2b77a3f903be6c3cc46de7b850e3fd910bcef (patch) | |
| tree | 1700a349eabc6907a98c18ceb606c9888b8e90f6 /crypto | |
| parent | df5b6025d1a9e2e61dde1fd28257082751264c07 (diff) | |
crypto: shash - Fix unaligned calculation with short length
upstream commit: f4f689933c63e0fbfba62f2a80efb2b424b139ae
When the total length is shorter than the calculated number of unaligned bytes, the call to shash->update breaks. For example, calling crc32c on unaligned buffer with length of 1 can result in a system crash.
Signed-off-by: Yehuda Sadeh <yehuda@hq.newdream.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/shash.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/crypto/shash.c b/crypto/shash.c index d5a2b619c55f..6792a675c8b7 100644 --- a/crypto/shash.c +++ b/crypto/shash.c @@ -82,6 +82,9 @@ static int shash_update_unaligned(struct shash_desc *desc, const u8 *data, u8 buf[shash_align_buffer_size(unaligned_len, alignmask)] __attribute__ ((aligned)); + if (unaligned_len > len) + unaligned_len = len; + memcpy(buf, data, unaligned_len); return shash->update(desc, buf, unaligned_len) ?: |