@@ -10,6 +10,7 @@
#include <linux/atomic.h>
#include <linux/container_of.h>
+#include <linux/overflow.h>
#include <linux/crypto.h>
#include <linux/slab.h>
#include <linux/types.h>
@@ -433,7 +434,7 @@ static inline struct aead_request *aead_request_alloc(struct crypto_aead *tfm,
{
struct aead_request *req;
- req = kmalloc(sizeof(*req) + crypto_aead_reqsize(tfm), gfp);
+ req = kmalloc(size_add(sizeof(*req), crypto_aead_reqsize(tfm)), gfp);
if (likely(req))
aead_request_set_tfm(req, tfm);
@@ -10,6 +10,7 @@
#include <linux/atomic.h>
#include <linux/crypto.h>
+#include <linux/overflow.h>
/**
* struct akcipher_request - public key cipher request
@@ -184,7 +185,8 @@ static inline struct akcipher_request *akcipher_request_alloc(
{
struct akcipher_request *req;
- req = kmalloc(sizeof(*req) + crypto_akcipher_reqsize(tfm), gfp);
+ req = kmalloc(size_add(sizeof(*req),
+ crypto_akcipher_reqsize(tfm)), gfp);
if (likely(req))
akcipher_request_set_tfm(req, tfm);
@@ -11,6 +11,7 @@
#include <linux/atomic.h>
#include <linux/container_of.h>
+#include <linux/overflow.h>
#include <linux/crypto.h>
#include <linux/slab.h>
@@ -182,7 +183,7 @@ static inline struct kpp_request *kpp_request_alloc(struct crypto_kpp *tfm,
{
struct kpp_request *req;
- req = kmalloc(sizeof(*req) + crypto_kpp_reqsize(tfm), gfp);
+ req = kmalloc(size_add(sizeof(*req), crypto_kpp_reqsize(tfm)), gfp);
if (likely(req))
kpp_request_set_tfm(req, tfm);
It's safer to use size_add() to replace open-coded aithmetic in allocator arguments, because size_add() can prevent possible overflow problem. Signed-off-by: Su Hui <suhui@nfschina.com> --- include/crypto/aead.h | 3 ++- include/crypto/akcipher.h | 4 +++- include/crypto/kpp.h | 3 ++- 3 files changed, 7 insertions(+), 3 deletions(-)