lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <201011021030.27253.roberto.sassu@polito.it>
Date:	Tue, 2 Nov 2010 10:30:23 +0100
From:	Roberto Sassu <roberto.sassu@...ito.it>
To:	Mimi Zohar <zohar@...ux.vnet.ibm.com>
Cc:	linux-kernel@...r.kernel.org,
	linux-security-module@...r.kernel.org, keyrings@...ux-nfs.org,
	linux-crypto@...r.kernel.org, David Howells <dhowells@...hat.com>,
	James Morris <jmorris@...ei.org>,
	David Safford <safford@...son.ibm.com>,
	Rajiv Andrade <srajiv@...ux.vnet.ibm.com>,
	Mimi Zohar <zohar@...ibm.com>
Subject: Re: [PATCH v1.1 4/4] keys: add new key-type encrypted

The buffer 'derived_buf' in the function get_derived_key() must be
allocated dynamically in order to make room for an arbitrary length
master key.

Signed-off-by: Roberto Sassu <roberto.sassu@...ito.it>
---
 security/keys/encrypted_defined.c |   15 +++++++++++++--
 1 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/security/keys/encrypted_defined.c b/security/keys/encrypted_defined.c
index 5331925..65d9b13 100644
--- a/security/keys/encrypted_defined.c
+++ b/security/keys/encrypted_defined.c
@@ -289,10 +289,20 @@ enum derived_key_type { ENC_KEY, AUTH_KEY };
 static int get_derived_key(char *derived_key, enum derived_key_type key_type,
 			   void *master_key, unsigned int master_keylen)
 {
-	char derived_buf[hash_size + 10];
+	char *derived_buf;
 	int ret;
+	unsigned int derived_buf_len;
+
+	derived_buf_len = strlen("AUTH_KEY") + 1 + master_keylen;
+	if (derived_buf_len < hash_size)
+		derived_buf_len = hash_size;
+
+	derived_buf = kzalloc(derived_buf_len, GFP_KERNEL);
+	if (!derived_buf) {
+		pr_err("encrypted_key: out of memory\n");
+		return -ENOMEM;
+	}
 
-	memset(derived_buf, 0, sizeof derived_buf);
 	if (key_type)
 		strcpy(derived_buf, "AUTH_KEY");
 	else
@@ -301,6 +311,7 @@ static int get_derived_key(char *derived_key, enum derived_key_type key_type,
 	memcpy(derived_buf + strlen(derived_buf) + 1, master_key,
 	       master_keylen);
 	ret = calc_hash(derived_key, derived_buf, sizeof derived_buf);
+	kfree(derived_buf);
 	return ret;
 }
 
-- 
1.7.2.3

Download attachment "smime.p7s" of type "application/pkcs7-signature" (4707 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ