13 Oct
2025
13 Oct
'25
8:23 a.m.
On 13. Oct 2025, at 08:24, Lukas Wunner wrote:
On Sun, Oct 12, 2025 at 10:38:40PM +0200, Thorsten Blum wrote:
+++ b/crypto/asymmetric_keys/asymmetric_type.c @@ -141,12 +142,14 @@ struct asymmetric_key_id *asymmetric_key_generate_id(const void *val_1, size_t len_2) { struct asymmetric_key_id *kid;
- size_t len;
- kid = kmalloc(sizeof(struct asymmetric_key_id) + len_1 + len_2,
GFP_KERNEL);
- if (check_add_overflow(len_1, len_2, &len))
return ERR_PTR(-EOVERFLOW);- kid = kmalloc(struct_size(kid, data, len), GFP_KERNEL);
This will add (at least) 2 bytes to len (namely the size of struct asymmetric_key_id)) and may cause an overflow (even if len_1 + len_2 did not overflow).
Could you explain which part adds "(at least) 2 bytes to len"?
Thanks, Thorsten