The encryption / decryption operation is a noop in case the caller
provides zero input data. As this noop is a "valid" operation, the API
calls will return no error, but simply skip any processing.
This fixes a kernel crash with authenc() ciphers and zero plaintext /
ciphertext that can be triggered via AF_ALG from unprivileged user
space.
Fixes: 7a7ffe65c8c5f ("crypto: skcipher - Add top-level skcipher
interface")
CC: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
CC: <stable@xxxxxxxxxxxxxxx>
Signed-off-by: Stephan Mueller <smueller@xxxxxxxxxx>
---
include/crypto/skcipher.h | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h
index 562001cb412b..ca27fbadbe67 100644
--- a/include/crypto/skcipher.h
+++ b/include/crypto/skcipher.h
@@ -442,6 +442,9 @@ static inline int crypto_skcipher_encrypt(struct skcipher_request *req)
{
struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
+ if (!req->cryptlen)
+ return 0;
+
return tfm->encrypt(req);
}
@@ -460,6 +463,9 @@ static inline int crypto_skcipher_decrypt(struct skcipher_request *req)
{
struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
+ if (!req->cryptlen)
+ return 0;
+
return tfm->decrypt(req);
}
--
2.13.5
