summaryrefslogtreecommitdiff
path: root/crypto
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2015-11-01 17:11:19 +0800
committerHerbert Xu <herbert@gondor.apana.org.au>2015-11-02 17:48:30 +0800
commit4afa5f9617927453ac04b24b584f6c718dfb4f45 (patch)
treec2304ce35cb7d2bec45f3f257c4194ab2278b3a9 /crypto
parent271817a3e92c0455bda5856d87eca244ad67d3a2 (diff)
crypto: algif_hash - Only export and import on sockets with data
The hash_accept call fails to work on sockets that have not received any data. For some algorithm implementations it may cause crashes. This patch fixes this by ensuring that we only export and import on sockets that have received data. Cc: stable@vger.kernel.org Reported-by: Harsh Jain <harshjain.prof@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Tested-by: Stephan Mueller <smueller@chronox.de>
Diffstat (limited to 'crypto')
-rw-r--r--crypto/algif_hash.c12
1 files changed, 10 insertions, 2 deletions
diff --git a/crypto/algif_hash.c b/crypto/algif_hash.c
index 1396ad0787fc..b4c24fe3dcfb 100644
--- a/crypto/algif_hash.c
+++ b/crypto/algif_hash.c
@@ -181,9 +181,14 @@ static int hash_accept(struct socket *sock, struct socket *newsock, int flags)
struct sock *sk2;
struct alg_sock *ask2;
struct hash_ctx *ctx2;
+ bool more;
int err;
- err = crypto_ahash_export(req, state);
+ lock_sock(sk);
+ more = ctx->more;
+ err = more ? crypto_ahash_export(req, state) : 0;
+ release_sock(sk);
+
if (err)
return err;
@@ -194,7 +199,10 @@ static int hash_accept(struct socket *sock, struct socket *newsock, int flags)
sk2 = newsock->sk;
ask2 = alg_sk(sk2);
ctx2 = ask2->private;
- ctx2->more = 1;
+ ctx2->more = more;
+
+ if (!more)
+ return err;
err = crypto_ahash_import(&ctx2->req, state);
if (err) {