diff options
author | Stephan Mueller <smueller@chronox.de> | 2015-10-18 12:45:18 +0200 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2015-10-20 16:10:47 +0200 |
commit | 63349d02c195030f97c9c2000bbf32539056316f (patch) | |
tree | b6555ee222c808f802b32031ad272a6e7ad6acfe /lib/mpi | |
parent | crypto: qat - fix crypto_get_instance_node function (diff) | |
download | linux-63349d02c195030f97c9c2000bbf32539056316f.tar.xz linux-63349d02c195030f97c9c2000bbf32539056316f.zip |
lib/mpi: fix off by one in mpi_read_raw_from_sgl
The patch fixes the analysis of the input data which contains an off
by one.
The issue is visible when the SGL contains one byte per SG entry.
The code for checking for zero bytes does not operate on the data byte.
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'lib/mpi')
-rw-r--r-- | lib/mpi/mpicoder.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/mpi/mpicoder.c b/lib/mpi/mpicoder.c index c20ef27ad876..c7e0a705eecf 100644 --- a/lib/mpi/mpicoder.c +++ b/lib/mpi/mpicoder.c @@ -446,8 +446,11 @@ MPI mpi_read_raw_from_sgl(struct scatterlist *sgl, unsigned int len) const u8 *buff = sg_virt(sg); int len = sg->length; - while (len-- && !*buff++) + while (len && !*buff) { lzeros++; + len--; + buff++; + } if (len && *buff) break; |