If someone called this function before a successful setkey, we would end up in a NULL dereference. The function should return minimum size for output buffer or error code if key hasn't been set. Signed-off-by: Tudor Ambarus <tudor.ambarus@xxxxxxxxxxxxx> --- crypto/dh.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/dh.c b/crypto/dh.c index 7cec0498..3d35ba9 100644 --- a/crypto/dh.c +++ b/crypto/dh.c @@ -148,7 +148,7 @@ static int dh_max_size(struct crypto_kpp *tfm) { struct dh_ctx *ctx = dh_get_ctx(tfm); - return mpi_get_size(ctx->p); + return ctx->p ? mpi_get_size(ctx->p) : -ENOKEY; } static void dh_exit_tfm(struct crypto_kpp *tfm) -- 2.7.4