Re: [PATCH v2 2/3] crypto: marvell: fix stack smashing in marvell/hash.c

On Fri, 09 Oct 2015 11:48:49 +0100 Russell King (by way of Thomas Petazzoni ) wrote: > Several of the algorithms in marvell/hash.c have a statesize of zero. > When an AF_ALG accept() on an already-accepted file descriptor to >

[PATCH v2 2/3] crypto: marvell: fix stack smashing in marvell/hash.c

Several of the algorithms in marvell/hash.c have a statesize of zero. When an AF_ALG accept() on an already-accepted file descriptor to calls into hash_accept(), this causes: char state[crypto_ahash_statesize(crypto_ahash_reqtfm(req))]; to be zero-sized, but we still pass this to: