From: Herbert Xu <herbert@gondor.apana.org.au>
Date: Sun, 12 Apr 2026 05:32:21 +0000 (+0800)
Subject: crypto: algif_aead - Fix minimum RX size check for decryption
X-Git-Tag: v7.0~7^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3d14bd48e3a77091cbce637a12c2ae31b4a1687c;p=thirdparty%2Fkernel%2Flinux.git

crypto: algif_aead - Fix minimum RX size check for decryption

The check for the minimum receive buffer size did not take the
tag size into account during decryption.  Fix this by adding the
required extra length.

Reported-by: syzbot+aa11561819dc42ebbc7c@syzkaller.appspotmail.com
Reported-by: Daniel Pouzzner <douzzer@mega.nu>
Fixes: d887c52d6ae4 ("crypto: algif_aead - overhaul memory management")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---

diff --git a/crypto/algif_aead.c b/crypto/algif_aead.c
index dda15bb05e892..f8bd45f7dc839 100644
--- a/crypto/algif_aead.c
+++ b/crypto/algif_aead.c
@@ -144,7 +144,7 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg,
 	if (usedpages < outlen) {
 		size_t less = outlen - usedpages;
 
-		if (used < less) {
+		if (used < less + (ctx->enc ? 0 : as)) {
 			err = -EINVAL;
 			goto free;
 		}