Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8fd61d34 authored by Mathias Krause's avatar Mathias Krause Committed by Herbert Xu
Browse files

crypto: user - ensure user supplied strings are nul-terminated 



To avoid misuse, ensure cru_name and cru_driver_name are always
nul-terminated strings.

Signed-off-by: default avatarMathias Krause <minipli@googlemail.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent e336ed96

crypto/crypto_user.c

+14 −0
Original line number Original line Diff line number Diff line
@@ -30,6 +30,8 @@ 




#include "internal.h"

#include "internal.h"





#define null_terminated(x)	(strnlen(x, sizeof(x)) < sizeof(x))



static DEFINE_MUTEX(crypto_cfg_mutex);

static DEFINE_MUTEX(crypto_cfg_mutex);





/* The crypto netlink socket */

/* The crypto netlink socket */
@@ -196,6 +198,9 @@ static int crypto_report(struct sk_buff *in_skb, struct nlmsghdr *in_nlh, 
	struct crypto_dump_info info;

	struct crypto_dump_info info;

	int err;

	int err;





	if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name))

		return -EINVAL;



	if (!p->cru_driver_name[0])

	if (!p->cru_driver_name[0])

		return -EINVAL;

		return -EINVAL;
@@ -260,6 +265,9 @@ static int crypto_update_alg(struct sk_buff *skb, struct nlmsghdr *nlh, 
	struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];

	struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];

	LIST_HEAD(list);

	LIST_HEAD(list);





	if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name))

		return -EINVAL;



	if (priority && !strlen(p->cru_driver_name))

	if (priority && !strlen(p->cru_driver_name))

		return -EINVAL;

		return -EINVAL;
@@ -287,6 +295,9 @@ static int crypto_del_alg(struct sk_buff *skb, struct nlmsghdr *nlh, 
	struct crypto_alg *alg;

	struct crypto_alg *alg;

	struct crypto_user_alg *p = nlmsg_data(nlh);

	struct crypto_user_alg *p = nlmsg_data(nlh);





	if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name))

		return -EINVAL;



	alg = crypto_alg_match(p, 1);

	alg = crypto_alg_match(p, 1);

	if (!alg)

	if (!alg)

		return -ENOENT;

		return -ENOENT;
@@ -368,6 +379,9 @@ static int crypto_add_alg(struct sk_buff *skb, struct nlmsghdr *nlh, 
	struct crypto_user_alg *p = nlmsg_data(nlh);

	struct crypto_user_alg *p = nlmsg_data(nlh);

	struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];

	struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];





	if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name))

		return -EINVAL;



	if (strlen(p->cru_driver_name))

	if (strlen(p->cru_driver_name))

		exact = 1;

		exact = 1;