| Message ID | 20240606172023.23-1-alsp705@gmail.com (mailing list archive) |
|---|---|
| State | Superseded |
| Delegated to: | Herbert Xu |
| Headers | show |
| Series | crypto: algif_aead: After having been compared to a NULL value at algif_aead.c:191, pointer 'tsgl_src' is passed as 2nd parameter in call to function 'crypto_aead_copy_sgl' at algif_aead.c:244, where it is dereferenced at algif_aead.c:85. | expand |
On 6/6/2024 10:20 AM, Alexander Sapozhnikov wrote: > From: Alexandr Sapozhnikov <alsp705@gmail.com> > > Found by Linux Verification Center (linuxtesting.org) with SVACE. > > Signed-off-by: Alexandr Sapozhnikov <alsp705@gmail.com> > --- > crypto/algif_aead.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/crypto/algif_aead.c b/crypto/algif_aead.c > index 42493b4..f757907 100644 > --- a/crypto/algif_aead.c > +++ b/crypto/algif_aead.c > @@ -191,7 +191,7 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg, > if (tsgl_src) > break; > } > - if (processed && !tsgl_src) { > + if (processed || !tsgl_src) { > err = -EFAULT; > goto free; > } Please see https://www.kernel.org/doc/html/latest/process/submitting-patches.html#the-canonical-patch-format and format your subject line accordingly. Thanks, Easwar
diff --git a/crypto/algif_aead.c b/crypto/algif_aead.c index 42493b4..f757907 100644 --- a/crypto/algif_aead.c +++ b/crypto/algif_aead.c @@ -191,7 +191,7 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg, if (tsgl_src) break; } - if (processed && !tsgl_src) { + if (processed || !tsgl_src) { err = -EFAULT; goto free; }