The sg_nents_for_len() function could fail, this patch add a check for its return value. Signed-off-by: LABBE Corentin <clabbe.montjoie@xxxxxxxxx> --- drivers/crypto/amcc/crypto4xx_core.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/crypto/amcc/crypto4xx_core.c b/drivers/crypto/amcc/crypto4xx_core.c index 27288fc..e6f7757 100644 --- a/drivers/crypto/amcc/crypto4xx_core.c +++ b/drivers/crypto/amcc/crypto4xx_core.c @@ -781,6 +781,10 @@ u32 crypto4xx_build_pd(struct crypto_async_request *req, /* figure how many gd is needed */ num_gd = sg_nents_for_len(src, datalen); + if ((int)num_gd < 0) { + dev_err(dev->core_dev->device, "Invalid number of src SG.\n"); + return -EINVAL; + } if (num_gd == 1) num_gd = 0; -- 2.4.10 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html