qcrypto: protect potential integer overflow.

Adding user passed parameters without check might lead to Integer overflow and unpredictable system behaviour. Change-Id: Iaf8259e3c4a157e1790f1447b1b62a646988b7c4 Signed-off-by: Neeraj Soni <neersoni@codeaurora.org> Signed-off-by: Zhen Kong <zkong@codeaurora.org>
author: Zhen Kong <zkong@codeaurora.org> 2016-11-28 18:23:33 +0530
committer: Zhen Kong <zkong@codeaurora.org> 2017-01-25 10:29:50 -0800
commit: 34e32863a1bbbd1efadab3b2d13c9f01ca45537e (patch)
tree: 9f41ad1abb092a2f33d0e38ac8c61a3e8e5a57cc
parent: 314869eb56763d34f91d5483b0d510267894fadd (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/drivers/crypto/msm/qce50.c b/drivers/crypto/msm/qce50.c
index 8d17ea89e266..ee7e735761e2 100644
--- a/drivers/crypto/msm/qce50.c
+++ b/drivers/crypto/msm/qce50.c
@@ -4967,6 +4967,11 @@ int qce_aead_req(void *handle, struct qce_req *q_req)
 	else
 		q_req->cryptlen = areq->cryptlen - authsize;
 
+	if (q_req->cryptlen > UINT_MAX - areq->assoclen) {
+		pr_err("Integer overflow on total aead req length.\n");
+		return -EINVAL;
+	}
+
 	totallen = q_req->cryptlen + areq->assoclen;
 
 	if (pce_dev->support_cmd_dscr) {
author	Zhen Kong <zkong@codeaurora.org>	2016-11-28 18:23:33 +0530
committer	Zhen Kong <zkong@codeaurora.org>	2017-01-25 10:29:50 -0800
commit	34e32863a1bbbd1efadab3b2d13c9f01ca45537e (patch)
tree	9f41ad1abb092a2f33d0e38ac8c61a3e8e5a57cc
parent	314869eb56763d34f91d5483b0d510267894fadd (diff)