Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

tipc: re-order conditions in tipc_crypto_key_rcv()

On a 32bit system the "keylen + sizeof(struct tipc_aead_key)" math could
have an integer wrapping issue. It doesn't matter because the "keylen"
is checked on the next line, but just to make life easier for static
analysis tools, let's re-order these conditions and avoid the integer
overflow.

Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Reviewed-by: Simon Horman <horms@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

Authored by Dan Carpenter and committed by David S. Miller
5fe71fda af10e092

+2 -2
net/tipc/crypto.c
··· 2293 2293 keylen = ntohl(*((__be32 *)(data + TIPC_AEAD_ALG_NAME))); 2294 2294 2295 2295 /* Verify the supplied size values */ 2296 - if (unlikely(size != keylen + sizeof(struct tipc_aead_key) || 2297 - keylen > TIPC_AEAD_KEY_SIZE_MAX)) { 2296 + if (unlikely(keylen > TIPC_AEAD_KEY_SIZE_MAX || 2297 + size != keylen + sizeof(struct tipc_aead_key))) { 2298 2298 pr_debug("%s: invalid MSG_CRYPTO key size\n", rx->name); 2299 2299 goto exit; 2300 2300 }
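
Review bot: The order of the two operands inside the `if (unlikely(...))` condition is now what keeps `keylen + sizeof(struct tipc_aead_key)` from wrapping on 32-bit, but nothing in the code records that; the comment above it still only says `/* Verify the supplied size values */`. Suggest extending that comment to state that the `keylen > TIPC_AEAD_KEY_SIZE_MAX` bound must be evaluated first, so a later cleanup does not swap the operands back. Separately, `keylen` is read from `data + TIPC_AEAD_ALG_NAME` before any length check that is visible in this context, so it is worth confirming that a minimum `size` is enforced earlier in the function.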