Re: [PATCH] crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key()

From: Herbert Xu
Date: Wed Feb 10 2021 - 02:23:59 EST

Next message: Herbert Xu: "Re: [PATCH] crypto: powerpc: remove unneeded semicolon"
Previous message: Herbert Xu: "Re: [PATCH v2] crypto: caam - Replace DEFINE_SIMPLE_ATTRIBUTE with DEFINE_DEBUGFS_ATTRIBUTE"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Feb 03, 2021 at 11:28:37AM +0000, Daniele Alessandrelli wrote:
> From: Daniele Alessandrelli <daniele.alessandrelli@xxxxxxxxx>
>
> The length ('len' parameter) passed to crypto_ecdh_decode_key() is never
> checked against the length encoded in the passed buffer ('buf'
> parameter). This could lead to an out-of-bounds access when the passed
> length is less than the encoded length.
>
> Add a check to prevent that.
>
> Signed-off-by: Daniele Alessandrelli <daniele.alessandrelli@xxxxxxxxx>
> ---
> crypto/ecdh_helper.c | 3 +++
> 1 file changed, 3 insertions(+)

Patch applied. Thanks.
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Next message: Herbert Xu: "Re: [PATCH] crypto: powerpc: remove unneeded semicolon"
Previous message: Herbert Xu: "Re: [PATCH v2] crypto: caam - Replace DEFINE_SIMPLE_ATTRIBUTE with DEFINE_DEBUGFS_ATTRIBUTE"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]