crypto: algif_aead - fix AIO handling of zero buffer

author Stephan Mueller <smueller@chronox.de>

Thu, 1 Dec 2016 07:22:37 +0000 (08:22 +0100)

committer Herbert Xu <herbert@gondor.apana.org.au>

Thu, 1 Dec 2016 13:06:44 +0000 (21:06 +0800)
author Stephan Mueller <smueller@chronox.de>
Thu, 1 Dec 2016 07:22:37 +0000 (08:22 +0100)
committer Herbert Xu <herbert@gondor.apana.org.au>
Thu, 1 Dec 2016 13:06:44 +0000 (21:06 +0800)
diff --git a/crypto/algif_aead.c b/crypto/algif_aead.c

index 80a0f1a7855181930afa0a545f5bf79584141e5c..6e95137015336d53acd9a2e3a0ebb30b40dd4ab3 100644 (file)
--- a/crypto/algif_aead.c
+++ b/crypto/algif_aead.c
@@ -448,12 +448,13 @@ static int aead_recvmsg_async(struct socket *sock, struct msghdr *msg,
         used -= ctx->aead_assoclen + (ctx->enc ? as : 0);
  
         /* take over all tx sgls from ctx */
-       areq->tsgl = sock_kmalloc(sk, sizeof(*areq->tsgl) * sgl->cur,
+       areq->tsgl = sock_kmalloc(sk,
+                                 sizeof(*areq->tsgl) * max_t(u32, sgl->cur, 1),
                                   GFP_KERNEL);
         if (unlikely(!areq->tsgl))
                 goto free;
  
-       sg_init_table(areq->tsgl, sgl->cur);
+       sg_init_table(areq->tsgl, max_t(u32, sgl->cur, 1));
         for (i = 0; i < sgl->cur; i++)
                 sg_set_page(&areq->tsgl[i], sg_page(&sgl->sg[i]),
                             sgl->sg[i].length, sgl->sg[i].offset);
author	Stephan Mueller <smueller@chronox.de>
	Thu, 1 Dec 2016 07:22:37 +0000 (08:22 +0100)
committer	Herbert Xu <herbert@gondor.apana.org.au>
	Thu, 1 Dec 2016 13:06:44 +0000 (21:06 +0800)