]> www.infradead.org Git - users/dwmw2/linux.git/commit
projects / users / dwmw2 / linux.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: c8eb0c3) | patch
chelsio/chtls: prevent potential integer overflow on 32bit
authorDan Carpenter <dan.carpenter@linaro.org>
Fri, 13 Dec 2024 09:47:27 +0000 (12:47 +0300)
committerJakub Kicinski <kuba@kernel.org>
Tue, 17 Dec 2024 02:08:11 +0000 (18:08 -0800)
commitfbbd84af6ba70334335bdeba3ae536cf751c14c6
tree60370dad7d4b5f44f5fd1dee85027cb9536793b5tree
parentc8eb0c3ffde699c981449f8b86da12df577c46b9commit | diff
chelsio/chtls: prevent potential integer overflow on 32bit

The "gl->tot_len" variable is controlled by the user.  It comes from
process_responses().  On 32bit systems, the "gl->tot_len +
sizeof(struct cpl_pass_accept_req) + sizeof(struct rss_header)" addition
could have an integer wrapping bug.  Use size_add() to prevent this.

Fixes: a08943947873 ("crypto: chtls - Register chtls with net tls")
Cc: stable@vger.kernel.org
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Reviewed-by: Simon Horman <horms@kernel.org>
Link: https://patch.msgid.link/c6bfb23c-2db2-4e1b-b8ab-ba3925c82ef5@stanley.mountain
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_main.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.