crypto: ecdh - avoid buffer overflow in ecdh_set_secret() (0aa171e9) · Commits · Mirrors / git.yoctoproject.org / linux-yocto · GitLab

Commit 0aa171e9 authored Jan 02, 2021 by

Ard Biesheuvel Committed by Herbert Xu Jan 03, 2021

crypto: ecdh - avoid buffer overflow in ecdh_set_secret()

Pavel reports that commit 17858b14 ("crypto: ecdh - avoid unaligned
accesses in ecdh_set_secret()") fixes one problem but introduces another:
the unconditional memcpy() introduced by that commit may overflow the
target buffer if the source data is invalid, which could be the result of
intentional tampering.

So check params.key_size explicitly against the size of the target buffer
before validating the key further.

Fixes: 17858b14

 ("crypto: ecdh - avoid unaligned accesses in ecdh_set_secret()")
Reported-by: Pavel Machek <pavel@denx.de>
Cc: <stable@vger.kernel.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

parent fd16931a

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit fde4c844
· Jan 27, 2021

mentioned in commit fde4c844

mentioned in commit fde4c844a5a5f1c35ecc4c3ef18bdbcce7152e2f

Toggle commit list
mirror @mirror
mentioned in commit 457b6779
· Jan 27, 2021

mentioned in commit 457b6779

mentioned in commit 457b67797cba7bb20e7754b622b1246ad1d521fd

Toggle commit list

Please register or to comment