| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 2 Mar 2018 16:59:17 -0800
From: Eric Biggers <ebiggers3@...il.com>
To: linux-ext4@...r.kernel.org
Cc: Eric Biggers <ebiggers@...gle.com>
Subject: [PATCH 04/10] e2fsck: validate that fscrypt_symlink_data.len is not too large
From: Eric Biggers <ebiggers@...gle.com>
Make e2fsck start validating that the ciphertext length stored in the
header of an encrypted symlink target, plus the header itself, is no
larger than a filesystem block. Previously e2fsck only verified that
this size is not exactly equal to a filesystem block. This was
sufficient for unencrypted symlinks, where the "actual length" is
computed using strnlen(), but not for encrypted symlinks; the kernel
also considers encrypted symlinks with too-large ciphertext length to be
invalid.
Signed-off-by: Eric Biggers <ebiggers@...gle.com>
---
e2fsck/pass1.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/e2fsck/pass1.c b/e2fsck/pass1.c
index b101df0a..723acf09 100644
--- a/e2fsck/pass1.c
+++ b/e2fsck/pass1.c
@@ -253,7 +253,7 @@ int e2fsck_pass1_check_symlink(ext2_filsys fs, ext2_ino_t ino,
} else {
len = strnlen(buf, fs->blocksize);
}
- if (len == fs->blocksize)
+ if (len >= fs->blocksize)
return 0;
}
if (len != inode->i_size)
--
2.16.2.395.g2e18187dfd-goog
Powered by blists - more mailing lists