If a read(2) of less than a full block size is attempted we will
end up doing a zero-length operation. This patch makes that return
-EINVAL instead, which is what we did originally.
Fixes: e870456d8e7c ("crypto: algif_skcipher - overhaul memory...")
Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c
index 4c3bdffe0c3a5..24dd2fc2431cc 100644
--- a/crypto/algif_skcipher.c
+++ b/crypto/algif_skcipher.c
@@ -85,6 +85,10 @@ static int _skcipher_recvmsg(struct socket *sock, struct msghdr *msg,
if (ctx->more || len < ctx->used)
len -= len % bs;
+ err = -EINVAL;
+ if (!len)
+ goto free;
+
/*
* Create a per request TX SGL for this request which tracks the
* SG entries from the global TX SGL.
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
