Author: jhb
Date: Fri May 29 05:41:21 2020
New Revision: 361617
URL: https://svnweb.freebsd.org/changeset/base/361617

Log:
  Increment the correct pointer when a crypto buffer spans an mbuf or iovec.
  
  When a crypto_cursor_copyback() request spanned multiple mbufs or
  iovecs, the pointer into the mbuf/iovec was incremented instead of the
  pointer into the source buffer being copied from.
  
  PR:           246737
  Reported by:  Jenkins, ZFS test suite
  Sponsored by: Netflix

Modified:
  head/sys/opencrypto/criov.c

Modified: head/sys/opencrypto/criov.c
==============================================================================
--- head/sys/opencrypto/criov.c Fri May 29 02:32:48 2020        (r361616)
+++ head/sys/opencrypto/criov.c Fri May 29 05:41:21 2020        (r361617)
@@ -266,7 +266,7 @@ crypto_cursor_copyback(struct crypto_buffer_cursor *cc
                        remain = cc->cc_mbuf->m_len - cc->cc_offset;
                        todo = MIN(remain, size);
                        memcpy(dst, src, todo);
-                       dst += todo;
+                       src += todo;
                        if (todo < remain) {
                                cc->cc_offset += todo;
                                break;
@@ -284,7 +284,7 @@ crypto_cursor_copyback(struct crypto_buffer_cursor *cc
                        remain = cc->cc_iov->iov_len - cc->cc_offset;
                        todo = MIN(remain, size);
                        memcpy(dst, src, todo);
-                       dst += todo;
+                       src += todo;
                        if (todo < remain) {
                                cc->cc_offset += todo;
                                break;
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

Reply via email to