From: Dan Carpenter Date: Mon, 11 May 2015 10:10:09 +0000 (+0300) Subject: crypto: talitos - fix size calculation in talitos_edesc_alloc() X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=608f37d0f83e4359f48121949778bf912cd56800;p=openwrt%2Fstaging%2Fblogic.git crypto: talitos - fix size calculation in talitos_edesc_alloc() The + operation has higher precedence than ?: so we need parentheses here. Otherwise we may end up allocating a max of only one "cryptlen" instead of two. Fixes: 6f65f6ac5fb3 ('crypto: talitos - implement scatter/gather copy for SEC1') Signed-off-by: Dan Carpenter Acked-by: Christophe Leroy Signed-off-by: Herbert Xu --- diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c index 4c0778b03de6..aaa7af856b39 100644 --- a/drivers/crypto/talitos.c +++ b/drivers/crypto/talitos.c @@ -1335,8 +1335,8 @@ static struct talitos_edesc *talitos_edesc_alloc(struct device *dev, alloc_len = sizeof(struct talitos_edesc); if (assoc_nents || src_nents || dst_nents) { if (is_sec1) - dma_len = src_nents ? cryptlen : 0 + - dst_nents ? cryptlen : 0; + dma_len = (src_nents ? cryptlen : 0) + + (dst_nents ? cryptlen : 0); else dma_len = (src_nents + dst_nents + 2 + assoc_nents) * sizeof(struct talitos_ptr) + authsize;