Commit 5fe71fda authored Jan 17, 2025 by Dan Carpenter Committed by David S. Miller Jan 20, 2025

tipc: re-order conditions in tipc_crypto_key_rcv()



On a 32bit system the "keylen + sizeof(struct tipc_aead_key)" math could
have an integer wrapping issue.  It doesn't matter because the "keylen"
is checked on the next line, but just to make life easier for static
analysis tools, let's re-order these conditions and avoid the integer
overflow.

Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Reviewed-by: Simon Horman <horms@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

parent af10e092

net/tipc/crypto.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -2293,8 +2293,8 @@ static bool tipc_crypto_key_rcv(struct tipc_crypto rx, struct tipc_msg hdr)
		keylen = ntohl(((__be32 )(data + TIPC_AEAD_ALG_NAME)));

		/* Verify the supplied size values */
		if (unlikely(size != keylen + sizeof(struct tipc_aead_key) \|\|
		keylen > TIPC_AEAD_KEY_SIZE_MAX)) {
		if (unlikely(keylen > TIPC_AEAD_KEY_SIZE_MAX \|\|
		size != keylen + sizeof(struct tipc_aead_key))) {
		pr_debug("%s: invalid MSG_CRYPTO key size\n", rx->name);
		goto exit;
		}