If someone called this function before a successful setkey,
we would end up in a NULL dereference.
The function should return minimum size for output buffer
or error code if key hasn't been set.
Signed-off-by: Tudor Ambarus <tudor.ambarus@xxxxxxxxxxxxx>
---
crypto/ecdh.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/crypto/ecdh.c b/crypto/ecdh.c
index c1f0163..b2b12cd 100644
--- a/crypto/ecdh.c
+++ b/crypto/ecdh.c
@@ -107,10 +107,10 @@ static int ecdh_compute_value(struct kpp_request *req)
static int ecdh_max_size(struct crypto_kpp *tfm)
{
struct ecdh_ctx *ctx = ecdh_get_ctx(tfm);
- int nbytes = ctx->ndigits << ECC_DIGITS_TO_BYTES_SHIFT;
- /* Public key is made of two coordinates */
- return 2 * nbytes;
+ /* Public key is made of two coordinates, add one to the left shift */
+ return ctx->ndigits ? ctx->ndigits << (ECC_DIGITS_TO_BYTES_SHIFT + 1) :
+ -ENOKEY;
}
static void no_exit_tfm(struct crypto_kpp *tfm)
--
2.7.4
