On Wednesday, 6 September 2017, 21:22:44 CEST, Stephan Müller wrote:

Hi Herbert,

> With AF_ALG, AAD len and cryptlen can be set freely by unprivileged
> user space. The cipher implementation must therefore validate the input
> data for sanity. For AEAD ciphers, this implies that cryptlen must be
> at least as large as AAD size.
>
> This fixes a kernel crash that can be triggered via AF_ALG detected by
> the fuzzing test implemented with libkcapi.

What is your opinion: should this check rather be added to
crypto_aead_encrypt (similar to a sanity check found in crypto_aead_decrypt)?

Ciao
Stephan