Commit b63483b3 authored by Dan Carpenter's avatar Dan Carpenter Committed by Herbert Xu

crypto: spacc - Fix bounds checking on spacc->job[]

This bounds checking is off by one.  The > should be >=.  The
spacc->job[] array is allocated in spacc_init() and it has
SPACC_MAX_JOBS elements.

Fixes: 8ebb14de ("crypto: spacc - Enable SPAcc AUTODETECT")
Fixes: c8981d92 ("crypto: spacc - Add SPAcc Skcipher support")
Signed-off-by: default avatarDan Carpenter <dan.carpenter@linaro.org>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 142a794b
......@@ -1024,7 +1024,7 @@ int spacc_set_operation(struct spacc_device *spacc, int handle, int op,
int ret = CRYPTO_OK;
struct spacc_job *job = NULL;
if (handle < 0 || handle > SPACC_MAX_JOBS)
if (handle < 0 || handle >= SPACC_MAX_JOBS)
return -ENXIO;
job = &spacc->job[handle];
......@@ -1105,7 +1105,7 @@ int spacc_packet_enqueue_ddt_ex(struct spacc_device *spacc, int use_jb,
struct spacc_job *job;
int ret = CRYPTO_OK, proc_len;
if (job_idx < 0 || job_idx > SPACC_MAX_JOBS)
if (job_idx < 0 || job_idx >= SPACC_MAX_JOBS)
return -ENXIO;
switch (prio) {
......@@ -1331,7 +1331,7 @@ static int spacc_set_auxinfo(struct spacc_device *spacc, int jobid,
int ret = CRYPTO_OK;
struct spacc_job *job;
if (jobid < 0 || jobid > SPACC_MAX_JOBS)
if (jobid < 0 || jobid >= SPACC_MAX_JOBS)
return -ENXIO;
job = &spacc->job[jobid];
......@@ -2364,7 +2364,7 @@ int spacc_set_key_exp(struct spacc_device *spacc, int job_idx)
struct spacc_ctx *ctx = NULL;
struct spacc_job *job = NULL;
if (job_idx < 0 || job_idx > SPACC_MAX_JOBS) {
if (job_idx < 0 || job_idx >= SPACC_MAX_JOBS) {
pr_debug("ERR: Invalid Job id specified (out of range)\n");
return -ENXIO;
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment