On Sun, Sep 24, 2017 at 08:24:58AM +0200, Stephan Müller wrote:
> The encryption / decryption operation is a noop in case the caller
> provides zero input data. As this noop is a "valid" operation, the API
> calls will return no error, but simply skip any processing.
>
> This fixes a kernel crash with authenc() ciphers and zero plaintext /
> ciphertext that can be triggered via AF_ALG from unprivileged user
> space.
>
> Fixes: 7a7ffe65c8c5f ("crypto: skcipher - Add top-level skcipher
> interface")
> CC: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> CC: <stable@xxxxxxxxxxxxxxx>
> Signed-off-by: Stephan Mueller <smueller@xxxxxxxxxx>
Hmm this just papers over bugs in the underlying code. Which
algorithm is causing the crash with a zero input? They're supposed
to handle this case.
Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
