diff options
| author |   Eric Biggers <ebiggers@google.com> | 2017-06-08 14:48:18 +0100 |
|---|---|---|
| committer |   James Morris <james.l.morris@oracle.com> | 2017-06-09 13:29:46 +1000 |
| commit | 794b4bc292f5d31739d89c0202c54e7dc9bc3add (patch) | |
| tree | 717c0817eea7ddb40659b40f45f7524eedddc901 /tools/perf/util/scripting-engines/trace-event-python.c | |
| parent | KEYS: encrypted: avoid encrypting/decrypting stack buffers (diff) | |
| download | wireguard-linux-794b4bc292f5d31739d89c0202c54e7dc9bc3add.tar.xz wireguard-linux-794b4bc292f5d31739d89c0202c54e7dc9bc3add.zip | |
KEYS: encrypted: fix buffer overread in valid_master_desc()
With the 'encrypted' key type it was possible for userspace to provide a
data blob ending with a master key description shorter than expected,
e.g. 'keyctl add encrypted desc "new x" @s'. When validating such a
master key description, validate_master_desc() could read beyond the end
of the buffer. Fix this by using strncmp() instead of memcmp(). [Also
clean up the code to deduplicate some logic.]
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Diffstat (limited to 'tools/perf/util/scripting-engines/trace-event-python.c')
0 files changed, 0 insertions, 0 deletions