mirror of
https://github.com/torvalds/linux.git
synced 2024-12-28 13:51:44 +00:00
crypto: testmgr - add guard to dst buffer for ahash_export
Add a guard to 'state' buffer and warn if its consistency after call to crypto_ahash_export() changes, so that any write that goes beyond advertised statesize (and thus causing potential memory corruption [1]) is more visible. [1] https://marc.info/?l=linux-crypto-vger&m=147467656516085 Signed-off-by: Jan Stancek <jstancek@redhat.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Marcelo Cerri <marcelo.cerri@canonical.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
parent
3387879524
commit
7bcb87bca2
@ -209,16 +209,19 @@ static int ahash_partial_update(struct ahash_request **preq,
|
||||
char *state;
|
||||
struct ahash_request *req;
|
||||
int statesize, ret = -EINVAL;
|
||||
const char guard[] = { 0x00, 0xba, 0xad, 0x00 };
|
||||
|
||||
req = *preq;
|
||||
statesize = crypto_ahash_statesize(
|
||||
crypto_ahash_reqtfm(req));
|
||||
state = kmalloc(statesize, GFP_KERNEL);
|
||||
state = kmalloc(statesize + sizeof(guard), GFP_KERNEL);
|
||||
if (!state) {
|
||||
pr_err("alt: hash: Failed to alloc state for %s\n", algo);
|
||||
goto out_nostate;
|
||||
}
|
||||
memcpy(state + statesize, guard, sizeof(guard));
|
||||
ret = crypto_ahash_export(req, state);
|
||||
WARN_ON(memcmp(state + statesize, guard, sizeof(guard)));
|
||||
if (ret) {
|
||||
pr_err("alt: hash: Failed to export() for %s\n", algo);
|
||||
goto out;
|
||||
|
Loading…
Reference in New Issue
Block a user