[PATCH 01/06] ecryptfs: Validate minimum header extent size
From: Stephan Müller
Date: Mon Jun 26 2006 - 19:45:13 EST
Kernel version: 2.6.17-mm1
The encrypted file ecryptfs maintains has in the first page meta data that
is needed for ecryptfs operation. As the encrypted file is untrusted,
every bit read of that file must be validated.
The patch ensures that crypt_stat->num_header_extents_at_front is checked
for improper values.
Signed-off-by: Stephan Mueller <smueller@xxxxxxxxxx>
---
fs/ecryptfs/crypto.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
1d76f6b4a787047ca354c8385614b0d549db6bc8
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index 427f470..91b350e 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -1333,7 +1333,8 @@ static int parse_header_metadata(struct
crypt_stat->num_header_extents_at_front =
(int)num_header_extents_at_front;
(*bytes_read) = 6;
- if (crypt_stat->header_extent_size
+ if ((crypt_stat->header_extent_size
+ * crypt_stat->num_header_extents_at_front)
< ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE) {
rc = -EINVAL;
ecryptfs_printk(KERN_WARNING, "Invalid header extent size: "
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/