X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=kernel%2Fcrypto%2Fasymmetric_keys%2Fx509_public_key.c;h=24f17e6c590488d66ca01ec1f0e6f93a3f013163;hb=fdb8b20906f3546ba6c2f9f0686d8a5189516ba3;hp=a6c42031628e94172a112700f6cdb5cd01da9789;hpb=9ca8dbcc65cfc63d6f5ef3312a33184e1d726e00;p=kvmfornfv.git

diff --git a/kernel/crypto/asymmetric_keys/x509_public_key.c b/kernel/crypto/asymmetric_keys/x509_public_key.c
index a6c420316..24f17e6c5 100644
--- a/kernel/crypto/asymmetric_keys/x509_public_key.c
+++ b/kernel/crypto/asymmetric_keys/x509_public_key.c
@@ -28,17 +28,30 @@ static bool use_builtin_keys;
 static struct asymmetric_key_id *ca_keyid;
 
 #ifndef MODULE
+static struct {
+	struct asymmetric_key_id id;
+	unsigned char data[10];
+} cakey;
+
 static int __init ca_keys_setup(char *str)
 {
 	if (!str)		/* default system keyring */
 		return 1;
 
 	if (strncmp(str, "id:", 3) == 0) {
-		struct asymmetric_key_id *p;
-		p = asymmetric_key_hex_to_key_id(str + 3);
-		if (p == ERR_PTR(-EINVAL))
-			pr_err("Unparsable hex string in ca_keys\n");
-		else if (!IS_ERR(p))
+		struct asymmetric_key_id *p = &cakey.id;
+		size_t hexlen = (strlen(str) - 3) / 2;
+		int ret;
+
+		if (hexlen == 0 || hexlen > sizeof(cakey.data)) {
+			pr_err("Missing or invalid ca_keys id\n");
+			return 1;
+		}
+
+		ret = __asymmetric_key_hex_to_key_id(str + 3, p, hexlen);
+		if (ret < 0)
+			pr_err("Unparsable ca_keys id hex string\n");
+		else
 			ca_keyid = p;	/* owner key 'id:xxxxxx' */
 	} else if (strcmp(str, "builtin") == 0) {
 		use_builtin_keys = true;