Merge branch 'next-hex2bin' of git://github.com/mzohar/linux-evm into next

2 files changed, 26 insertions, 7 deletions

diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c
index 3f577954b85a..f33804c1b4c8 100644
--- a/security/keys/encrypted-keys/encrypted.c
+++ b/security/keys/encrypted-keys/encrypted.c
@@ -667,11 +667,19 @@ static int encrypted_key_decrypt(struct encrypted_key_payload *epayload,
                 return -EINVAL;
 
         hex_encoded_data = hex_encoded_iv + (2 * ivsize) + 2;
-        hex2bin(epayload->iv, hex_encoded_iv, ivsize);
-        hex2bin(epayload->encrypted_data, hex_encoded_data, encrypted_datalen);
+        ret = hex2bin(epayload->iv, hex_encoded_iv, ivsize);
+        if (ret < 0)
+                return -EINVAL;
+        ret = hex2bin(epayload->encrypted_data, hex_encoded_data,
+                      encrypted_datalen);
+        if (ret < 0)
+                return -EINVAL;
 
         hmac = epayload->format + epayload->datablob_len;
-        hex2bin(hmac, hex_encoded_data + (encrypted_datalen * 2), HASH_SIZE);
+        ret = hex2bin(hmac, hex_encoded_data + (encrypted_datalen * 2),
+                      HASH_SIZE);
+        if (ret < 0)
+                return -EINVAL;
 
         mkey = request_master_key(epayload, &master_key, &master_keylen);
         if (IS_ERR(mkey))
diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index 0c33e2ea1f3c..0964fc236946 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -779,7 +779,10 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
                         opt->pcrinfo_len = strlen(args[0].from) / 2;
                         if (opt->pcrinfo_len > MAX_PCRINFO_SIZE)
                                 return -EINVAL;
-                        hex2bin(opt->pcrinfo, args[0].from, opt->pcrinfo_len);
+                        res = hex2bin(opt->pcrinfo, args[0].from,
+                                      opt->pcrinfo_len);
+                        if (res < 0)
+                                return -EINVAL;
                         break;
                 case Opt_keyhandle:
                         res = strict_strtoul(args[0].from, 16, &handle);
@@ -791,12 +794,18 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
                 case Opt_keyauth:
                         if (strlen(args[0].from) != 2 * SHA1_DIGEST_SIZE)
                                 return -EINVAL;
-                        hex2bin(opt->keyauth, args[0].from, SHA1_DIGEST_SIZE);
+                        res = hex2bin(opt->keyauth, args[0].from,
+                                      SHA1_DIGEST_SIZE);
+                        if (res < 0)
+                                return -EINVAL;
                         break;
                 case Opt_blobauth:
                         if (strlen(args[0].from) != 2 * SHA1_DIGEST_SIZE)
                                 return -EINVAL;
-                        hex2bin(opt->blobauth, args[0].from, SHA1_DIGEST_SIZE);
+                        res = hex2bin(opt->blobauth, args[0].from,
+                                      SHA1_DIGEST_SIZE);
+                        if (res < 0)
+                                return -EINVAL;
                         break;
                 case Opt_migratable:
                         if (*args[0].from == '0')
@@ -860,7 +869,9 @@ static int datablob_parse(char *datablob, struct trusted_key_payload *p,
                 p->blob_len = strlen(c) / 2;
                 if (p->blob_len > MAX_BLOB_SIZE)
                         return -EINVAL;
-                hex2bin(p->blob, c, p->blob_len);
+                ret = hex2bin(p->blob, c, p->blob_len);
+                if (ret < 0)
+                        return -EINVAL;
                 ret = getoptions(datablob, p, o);
                 if (ret < 0)
                         return ret;