Message-ID: <465B42D8.1020102@namesys.com>
Date:	Tue, 29 May 2007 01:00:08 +0400
From:	Edward Shishkin <edward@...esys.com>
To:	Richard Purdie <rpurdie@...ys.net>
CC:	akpm <akpm@...ux-foundation.org>,
	LKML <linux-kernel@...r.kernel.org>, vs@...esys.com
Subject: Re: [PATCH -mm] reiser4: remove lzo compression security hole

Richard Purdie wrote:

>Switch reiser4 to use lzo1x_decompress_safe instead of lzo1x_decompress
>as otherwise it presents a security hole (lzo1x_decompress doesn't
>perform bounds checking on the decompressed data).
>
>Signed-off-by: Richard Purdie <rpurdie@...ys.net>
>
>---
> fs/reiser4/plugin/compress/compress.c |    2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>Index: linux-2.6.21/fs/reiser4/plugin/compress/compress.c
>===================================================================
>--- linux-2.6.21.orig/fs/reiser4/plugin/compress/compress.c	2007-05-16 20:47:45.000000000 +0100
>+++ linux-2.6.21/fs/reiser4/plugin/compress/compress.c	2007-05-24 23:43:28.000000000 +0100
>@@ -319,7 +319,7 @@ lzo1_decompress(coa_t coa, __u8 * src_fi
> 	assert("edward-851", coa == NULL);
> 	assert("edward-852", src_len != 0);
> 
>-	result = lzo1x_decompress(src_first, src_len, dst_first, &dstlen, NULL);
>+	result = lzo1x_decompress_safe(src_first, src_len, dst_first, &dstlen, NULL);
> 	if (result != LZO_E_OK)
> 		warning("edward-853", "lzo1x_1_decompress failed\n");
> 	*dst_len = dstlen;
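
Review bot: The bounds check in lzo1x_decompress_safe only protects dst_first if dstlen already holds the capacity of that buffer when the call is made, and the visible lines do not show dstlen being initialised; please confirm it is set to the destination size before this call. With the safe variant, a result other than LZO_E_OK becomes the normal outcome for corrupt on-disk data, yet the lines after the call only print a warning and still store dstlen into *dst_len, so the failure should be reported to the caller. The warning string also names lzo1x_1_decompress, which is not the function being called.
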
>
>  
>

Signed-off-by: Edward Shishkin <edward@...esys.com>