zfs/module/icp
Attila Fülöp 3ac34ca375 ICP: Fix out of bounds write
If gcm_mode_encrypt_contiguous_blocks() is called more than once
in succession, with the accumulated lengths being less than
blocksize, ctx->copy_to will be incorrectly advanced. Later, if
out is NULL, the bcopy at line 114 will overflow
ctx->gcm_copy_to since ctx->gcm_remainder_len is larger than the
ctx->gcm_copy_to buffer can hold.

The fix is to set ctx->copy_to only if it's not already set.

For ZoL the issue may be academic, since in all my testing I wasn't
able to hit either of the two conditions needed to trigger it, but
other consumers can easily do so.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Tom Caputi <tcaputi@datto.com>
Signed-off-by: Attila Fülöp <attila@fueloep.org>
Closes #9660
2019-12-06 09:36:19 -08:00
..
algs ICP: Fix out of bounds write 2019-12-06 09:36:19 -08:00
api Fix typos in modules/icp/ 2019-08-30 14:26:07 -07:00
asm-x86_64 Fix typos in modules/icp/ 2019-08-30 14:26:07 -07:00
core ICP: Fix null pointer dereference and use after free 2019-12-03 10:28:47 -08:00
include Fix icp build on FreeBSD 2019-11-01 10:27:53 -07:00
io Linux 4.14, 4.19, 5.0+ compat: SIMD save/restore 2019-10-24 10:17:33 -07:00
os Fix typos in modules/icp/ 2019-08-30 14:26:07 -07:00
spi Fix strdup conflict on other platforms 2019-10-10 09:47:06 -07:00
Makefile.in Add support for selecting encryption backend 2018-08-02 11:59:24 -07:00
illumos-crypto.c Fix typos in modules/icp/ 2019-08-30 14:26:07 -07:00