| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4767EC73.2030507@redhat.com> Date: Tue, 18 Dec 2007 09:51:15 -0600 From: Eric Sandeen <sandeen@...hat.com> To: linux-kernel Mailing List <linux-kernel@...r.kernel.org>, Andrew Morton <akpm@...ux-foundation.org>, Michael Halcrow <mhalcrow@...ibm.com> CC: mike@...crow.us, Jarod Wilson <jwilson@...hat.com> Subject: [PATCH] ecryptfs: fix string overflow on long cipher names Passing a cipher name > 32 chars on mount results in an overflow when the cipher name is printed, because the last character in the struct ecryptfs_key_tfm's cipher_name string was never zeroed. Signed-off-by: Eric Sandeen <sandeen@...hat.com> --- Index: linux-2.6.24-rc3/fs/ecryptfs/crypto.c =================================================================== --- linux-2.6.24-rc3.orig/fs/ecryptfs/crypto.c +++ linux-2.6.24-rc3/fs/ecryptfs/crypto.c @@ -1847,6 +1847,7 @@ ecryptfs_add_new_key_tfm(struct ecryptfs mutex_init(&tmp_tfm->key_tfm_mutex); strncpy(tmp_tfm->cipher_name, cipher_name, ECRYPTFS_MAX_CIPHER_NAME_SIZE); + tmp_tfm->cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE] = '\0'; tmp_tfm->key_size = key_size; rc = ecryptfs_process_key_cipher(&tmp_tfm->key_tfm, tmp_tfm->cipher_name, -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists