From patchwork Fri Nov 13 11:01:32 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Zaborowski X-Patchwork-Id: 7610821 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: X-Original-To: patchwork-linux-crypto@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork1.web.kernel.org (Postfix) with ESMTP id 3DD059F1C2 for ; Fri, 13 Nov 2015 11:01:55 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 4B0D3206ED for ; Fri, 13 Nov 2015 11:01:54 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 5435620635 for ; Fri, 13 Nov 2015 11:01:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753779AbbKMLBw (ORCPT ); Fri, 13 Nov 2015 06:01:52 -0500 Received: from mail-wm0-f44.google.com ([74.125.82.44]:36238 "EHLO mail-wm0-f44.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753238AbbKMLBv (ORCPT ); Fri, 13 Nov 2015 06:01:51 -0500 Received: by wmww144 with SMTP id w144so23801346wmw.1 for ; Fri, 13 Nov 2015 03:01:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:from:to:subject:date:message-id; bh=0zbB8HVSPW17GofWXHzd/9fF99eJ1xGiEuNF0OeBXAk=; b=ZzCOBb7tCqw/+obz2sI7aAWZTe/oOiXh1go6nFEnl5rr5hnvp4snUmXQM1sPsW/d6X p4OsCvJOpTMeMT2UT1en+apdb4DsudSq8QCZAkd4WPOeN5bs8Q8slLn9PTp0x/TRuU8S eNIFbMB2dfcvaeiX+p83mV4pmoK24rV5ZwPImWKzTRZ1GRbbyMfBIU+FBBGgDmfHF+vQ 8+DXBbQfxJdjHoUFnedLZsG0vFJXH8UCkD4lmseLkuPhJqlt1uyTD0eFfcdnndo6q9oQ UTS0mLdRsxQrvYH7adjSLbvynUSrwSnFIhXlv2aIwmghE9n2pdl+R/3yC4mb7d4iYj9K iyfA== X-Received: by 10.28.12.140 with SMTP id 134mr3225482wmm.9.1447412510706; Fri, 13 Nov 2015 03:01:50 -0800 (PST) Received: from localhost.localdomain (9.Red-2-136-109.dynamicIP.rima-tde.net. [2.136.109.9]) by smtp.gmail.com with ESMTPSA id w73sm3401681wme.12.2015.11.13.03.01.49 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 13 Nov 2015 03:01:50 -0800 (PST) From: Andrew Zaborowski To: linux-crypto@vger.kernel.org Subject: [PATCH 1/4] lib/mpi: only require buffers as big as needed for the integer Date: Fri, 13 Nov 2015 12:01:32 +0100 Message-Id: <1447412495-4370-1-git-send-email-andrew.zaborowski@intel.com> X-Mailer: git-send-email 2.1.4 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,RP_MATCHES_RCVD,T_DKIM_INVALID,UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Since mpi_write_to_sgl and mpi_read_buffer explicitly left-align the integers being written it makes no sense to require a buffer big enough for the number + the leading zero bytes which are not written. The error returned also doesn't convey any information. So instead require only the size needed and return -EOVERFLOW to signal when buffer too short. Signed-off-by: Andrew Zaborowski --- lib/mpi/mpicoder.c | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/lib/mpi/mpicoder.c b/lib/mpi/mpicoder.c index c7e0a70..074d2df 100644 --- a/lib/mpi/mpicoder.c +++ b/lib/mpi/mpicoder.c @@ -135,7 +135,9 @@ EXPORT_SYMBOL_GPL(mpi_read_from_buffer); * @buf: bufer to which the output will be written to. Needs to be at * leaset mpi_get_size(a) long. * @buf_len: size of the buf. - * @nbytes: receives the actual length of the data written. + * @nbytes: receives the actual length of the data written on success and + * the data to-be-written on -EOVERFLOW in case buf_len was too + * small. * @sign: if not NULL, it will be set to the sign of a. * * Return: 0 on success or error code in case of error @@ -148,7 +150,7 @@ int mpi_read_buffer(MPI a, uint8_t *buf, unsigned buf_len, unsigned *nbytes, unsigned int n = mpi_get_size(a); int i, lzeros = 0; - if (buf_len < n || !buf || !nbytes) + if (!buf || !nbytes) return -EINVAL; if (sign) @@ -163,6 +165,11 @@ int mpi_read_buffer(MPI a, uint8_t *buf, unsigned buf_len, unsigned *nbytes, break; } + if (buf_len < n - lzeros) { + *nbytes = n - lzeros; + return -EOVERFLOW; + } + p = buf; *nbytes = n - lzeros; @@ -332,7 +339,8 @@ EXPORT_SYMBOL_GPL(mpi_set_buffer); * @nbytes: in/out param - it has the be set to the maximum number of * bytes that can be written to sgl. This has to be at least * the size of the integer a. On return it receives the actual - * length of the data written. + * length of the data written on success or the data that would + * be written if buffer was too small. * @sign: if not NULL, it will be set to the sign of a. * * Return: 0 on success or error code in case of error @@ -345,7 +353,7 @@ int mpi_write_to_sgl(MPI a, struct scatterlist *sgl, unsigned *nbytes, unsigned int n = mpi_get_size(a); int i, x, y = 0, lzeros = 0, buf_len; - if (!nbytes || *nbytes < n) + if (!nbytes) return -EINVAL; if (sign) @@ -360,6 +368,11 @@ int mpi_write_to_sgl(MPI a, struct scatterlist *sgl, unsigned *nbytes, break; } + if (*nbytes < n - lzeros) { + *nbytes = n - lzeros; + return -EOVERFLOW; + } + *nbytes = n - lzeros; buf_len = sgl->length; p2 = sg_virt(sgl);