From: Shant KumarX Sonnad <shant.kumarx.son...@intel.com>
The offset is calculated based on type of hash algorithum.
If the algorithum is invalid the offset can have negative value.
Hence added negative offset check and return -EFAULT.
Reviewed-by: Conor Mcloughlin <conor.mclough...@intel.com>
Tested-by: Sergey Portnoy <sergey.port...@intel.com>
Signed-off-by: Shant KumarX Sonnad <shant.kumarx.son...@intel.com>
Signed-off-by: Giovanni Cabiddu <giovanni.cabi...@intel.com>
---
drivers/crypto/qat/qat_common/qat_algs.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/crypto/qat/qat_common/qat_algs.c
b/drivers/crypto/qat/qat_common/qat_algs.c
index 413e05e8891e..b60156d987eb 100644
--- a/drivers/crypto/qat/qat_common/qat_algs.c
+++ b/drivers/crypto/qat/qat_common/qat_algs.c
@@ -222,6 +222,9 @@ static int qat_alg_do_precomputes(struct
icp_qat_hw_auth_algo_blk *hash,
return -EFAULT;
offset = round_up(qat_get_inter_state_size(ctx->qat_hash_alg), 8);
+ if (offset < 0)
+ return -EFAULT;
+
hash_state_out = (__be32 *)(hash->sha.state1 + offset);
hash512_state_out = (__be64 *)hash_state_out;
--
2.20.1
