summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJan Stancek <jstancek@redhat.com>2016-09-28 17:38:37 +0300
committerHerbert Xu <herbert@gondor.apana.org.au>2016-10-02 17:33:43 +0300
commit7bcb87bca2f51226f3ec382fcd3ff52cc15747bb (patch)
tree07bb151f7e7dd849a87822e33506f15925c28419
parent3387879524ec07fd9ba371eddd17e717abdd5e4f (diff)
downloadlinux-7bcb87bca2f51226f3ec382fcd3ff52cc15747bb.tar.xz
crypto: testmgr - add guard to dst buffer for ahash_export
Add a guard to 'state' buffer and warn if its consistency after call to crypto_ahash_export() changes, so that any write that goes beyond advertised statesize (and thus causing potential memory corruption [1]) is more visible. [1] https://marc.info/?l=linux-crypto-vger&m=147467656516085 Signed-off-by: Jan Stancek <jstancek@redhat.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Marcelo Cerri <marcelo.cerri@canonical.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r--crypto/testmgr.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 0b01c3d062e2..62dffa0028ac 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -209,16 +209,19 @@ static int ahash_partial_update(struct ahash_request **preq,
char *state;
struct ahash_request *req;
int statesize, ret = -EINVAL;
+ const char guard[] = { 0x00, 0xba, 0xad, 0x00 };
req = *preq;
statesize = crypto_ahash_statesize(
crypto_ahash_reqtfm(req));
- state = kmalloc(statesize, GFP_KERNEL);
+ state = kmalloc(statesize + sizeof(guard), GFP_KERNEL);
if (!state) {
pr_err("alt: hash: Failed to alloc state for %s\n", algo);
goto out_nostate;
}
+ memcpy(state + statesize, guard, sizeof(guard));
ret = crypto_ahash_export(req, state);
+ WARN_ON(memcmp(state + statesize, guard, sizeof(guard)));
if (ret) {
pr_err("alt: hash: Failed to export() for %s\n", algo);
goto out;