diff options
author | Herbert Xu <herbert@gondor.apana.org.au> | 2010-11-30 03:49:02 -0500 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2010-11-30 03:49:02 -0500 |
commit | 0f6bb83cb12e4617e696ffa566f3fc6c092686e2 (patch) | |
tree | c871ab8acedb25ba19de73be427620af8475236d /usr | |
parent | 7451708f39db19a8303bb7fb95f00aca9f673cb5 (diff) |
crypto: algif_skcipher - Fixed overflow when sndbuf is page aligned
When sk_sndbuf is not a multiple of PAGE_SIZE, the limit tests
in sendmsg fail as the limit variable becomes negative and we're
using an unsigned comparison.
The same thing can happen if sk_sndbuf is lowered after a sendmsg
call.
This patch fixes this by always taking the signed maximum of limit
and 0 before we perform the comparison.
It also rounds the value of sk_sndbuf down to a multiple of PAGE_SIZE
so that we don't end up allocating a page only to use a small number
of bytes in it because we're bound by sk_sndbuf.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'usr')
0 files changed, 0 insertions, 0 deletions