crypto: gf128mul - fix call to memset()

In gf128mul_lle() and gf128mul_bbe() r isn't completely initialized with
zero because the size argument passed to memset() is the size of the
pointer, not the structure it points to.

Luckily there are no in-kernel users of those functions so the ABI
change implied by this fix should break no existing code.

Based on a patch by the PaX Team.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: PaX Team <pageexec@freemail.hu>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/crypto/gf128mul.c b/crypto/gf128mul.c
index df35e4c..5276607 100644 (file)
--- a/crypto/gf128mul.c
+++ b/crypto/gf128mul.c
@@ -182,7 +182,7 @@ void gf128mul_lle(be128 *r, const be128 *b)
        for (i = 0; i < 7; ++i)
                gf128mul_x_lle(&p[i + 1], &p[i]);
 
-       memset(r, 0, sizeof(r));
+       memset(r, 0, sizeof(*r));
        for (i = 0;;) {
                u8 ch = ((u8 *)b)[15 - i];
 
@@ -220,7 +220,7 @@ void gf128mul_bbe(be128 *r, const be128 *b)
        for (i = 0; i < 7; ++i)
                gf128mul_x_bbe(&p[i + 1], &p[i]);
 
-       memset(r, 0, sizeof(r));
+       memset(r, 0, sizeof(*r));
        for (i = 0;;) {
                u8 ch = ((u8 *)b)[i];