summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHongbo Li <herberthbli@tencent.com>2021-08-05 11:53:32 +0300
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2021-09-15 10:47:29 +0300
commit6b10d3d3a9ff260d734e0072a3b3792e4f1bbea5 (patch)
tree5aaa9a324033c9c35ef29eaa956f5f905bcf2a90
parent57c8e2ea47bcca90bda5c8b3da8182a25da985e3 (diff)
downloadlinux-6b10d3d3a9ff260d734e0072a3b3792e4f1bbea5.tar.xz
lib/mpi: use kcalloc in mpi_resize
[ Upstream commit b6f756726e4dfe75be1883f6a0202dcecdc801ab ] We should set the additional space to 0 in mpi_resize(). So use kcalloc() instead of kmalloc_array(). In lib/mpi/ec.c: /**************** * Resize the array of A to NLIMBS. the additional space is cleared * (set to 0) [done by m_realloc()] */ int mpi_resize(MPI a, unsigned nlimbs) Like the comment of kernel's mpi_resize() said, the additional space need to be set to 0, but when a->d is not NULL, it does not set. The kernel's mpi lib is from libgcrypt, the mpi resize in libgcrypt is _gcry_mpi_resize() which set the additional space to 0. This bug may cause mpi api which use mpi_resize() get wrong result under the condition of using the additional space without initiation. If this condition is not met, the bug would not be triggered. Currently in kernel, rsa, sm2 and dh use mpi lib, and they works well, so the bug is not triggered in these cases. add_points_edwards() use the additional space directly, so it will get a wrong result. Fixes: cdec9cb5167a ("crypto: GnuPG based MPI lib - source files (part 1)") Signed-off-by: Hongbo Li <herberthbli@tencent.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal@kernel.org>
-rw-r--r--lib/mpi/mpiutil.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/mpi/mpiutil.c b/lib/mpi/mpiutil.c
index 20ed0f766787..00825028cc84 100644
--- a/lib/mpi/mpiutil.c
+++ b/lib/mpi/mpiutil.c
@@ -91,7 +91,7 @@ int mpi_resize(MPI a, unsigned nlimbs)
return 0; /* no need to do it */
if (a->d) {
- p = kmalloc_array(nlimbs, sizeof(mpi_limb_t), GFP_KERNEL);
+ p = kcalloc(nlimbs, sizeof(mpi_limb_t), GFP_KERNEL);
if (!p)
return -ENOMEM;
memcpy(p, a->d, a->alloced * sizeof(mpi_limb_t));