On 09/09/2015 09:39 AM, Stephan Mueller wrote: >> No, because it can return -EINVAL if you call it before you set the key. > I see. > > But, shouldn't there be an overflow check? Maybe not here, but in the cases > where the function is invoked. There is a kmalloc(src_len) without a check for > negative values. Right, but because testmgr.c calls setkey before this I skipped the check. -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html