crypto: user - ensure user supplied strings are nul-terminated
To avoid misuse, ensure cru_name and cru_driver_name are always nul-terminated strings. Signed-off-by: Mathias Krause <minipli@googlemail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
parent
e336ed9647
commit
8fd61d3422
@ -30,6 +30,8 @@
|
|||||||
|
|
||||||
#include "internal.h"
|
#include "internal.h"
|
||||||
|
|
||||||
|
#define null_terminated(x) (strnlen(x, sizeof(x)) < sizeof(x))
|
||||||
|
|
||||||
static DEFINE_MUTEX(crypto_cfg_mutex);
|
static DEFINE_MUTEX(crypto_cfg_mutex);
|
||||||
|
|
||||||
/* The crypto netlink socket */
|
/* The crypto netlink socket */
|
||||||
@ -196,6 +198,9 @@ static int crypto_report(struct sk_buff *in_skb, struct nlmsghdr *in_nlh,
|
|||||||
struct crypto_dump_info info;
|
struct crypto_dump_info info;
|
||||||
int err;
|
int err;
|
||||||
|
|
||||||
|
if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name))
|
||||||
|
return -EINVAL;
|
||||||
|
|
||||||
if (!p->cru_driver_name[0])
|
if (!p->cru_driver_name[0])
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
@ -260,6 +265,9 @@ static int crypto_update_alg(struct sk_buff *skb, struct nlmsghdr *nlh,
|
|||||||
struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];
|
struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];
|
||||||
LIST_HEAD(list);
|
LIST_HEAD(list);
|
||||||
|
|
||||||
|
if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name))
|
||||||
|
return -EINVAL;
|
||||||
|
|
||||||
if (priority && !strlen(p->cru_driver_name))
|
if (priority && !strlen(p->cru_driver_name))
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
@ -287,6 +295,9 @@ static int crypto_del_alg(struct sk_buff *skb, struct nlmsghdr *nlh,
|
|||||||
struct crypto_alg *alg;
|
struct crypto_alg *alg;
|
||||||
struct crypto_user_alg *p = nlmsg_data(nlh);
|
struct crypto_user_alg *p = nlmsg_data(nlh);
|
||||||
|
|
||||||
|
if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name))
|
||||||
|
return -EINVAL;
|
||||||
|
|
||||||
alg = crypto_alg_match(p, 1);
|
alg = crypto_alg_match(p, 1);
|
||||||
if (!alg)
|
if (!alg)
|
||||||
return -ENOENT;
|
return -ENOENT;
|
||||||
@ -368,6 +379,9 @@ static int crypto_add_alg(struct sk_buff *skb, struct nlmsghdr *nlh,
|
|||||||
struct crypto_user_alg *p = nlmsg_data(nlh);
|
struct crypto_user_alg *p = nlmsg_data(nlh);
|
||||||
struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];
|
struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];
|
||||||
|
|
||||||
|
if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name))
|
||||||
|
return -EINVAL;
|
||||||
|
|
||||||
if (strlen(p->cru_driver_name))
|
if (strlen(p->cru_driver_name))
|
||||||
exact = 1;
|
exact = 1;
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user