iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
794b4bc292
linux/security/keys/encrypted-keys
History
Eric Biggers 794b4bc292 KEYS: encrypted: fix buffer overread in valid_master_desc() 
With the 'encrypted' key type it was possible for userspace to provide a
data blob ending with a master key description shorter than expected,
e.g. 'keyctl add encrypted desc "new x" @s'.  When validating such a
master key description, validate_master_desc() could read beyond the end
of the buffer.  Fix this by using strncmp() instead of memcmp().  [Also
clean up the code to deduplicate some logic.]

Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2017-06-09 13:29:46 +10:00
..
ecryptfs_format.c encrypted-keys: create encrypted-keys directory 2011-09-14 15:22:26 -04:00
ecryptfs_format.h encrypted-keys: create encrypted-keys directory 2011-09-14 15:22:26 -04:00
encrypted.c KEYS: encrypted: fix buffer overread in valid_master_desc() 2017-06-09 13:29:46 +10:00
encrypted.h KEYS: Merge the type-specific data with the payload data 2015-10-21 15:18:36 +01:00
Makefile encrypted-keys: module build fixes 2011-11-16 14:23:14 -05:00
masterkey_trusted.c KEYS: Merge the type-specific data with the payload data 2015-10-21 15:18:36 +01:00