mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2025-01-04 12:20:49 -05:00
38 lines
1.2 KiB
Diff
38 lines
1.2 KiB
Diff
From f2d130454e46c3989af1b4f882b6a666d24fa2e0 Mon Sep 17 00:00:00 2001
|
|
From: Michael Halcrow <mhalcrow@google.com>
|
|
Date: Wed, 26 Nov 2014 09:09:16 -0800
|
|
Subject: eCryptfs: Remove buggy and unnecessary write in file name decode
|
|
routine
|
|
|
|
commit 942080643bce061c3dd9d5718d3b745dcb39a8bc upstream.
|
|
|
|
Dmitry Chernenkov used KASAN to discover that eCryptfs writes past the
|
|
end of the allocated buffer during encrypted filename decoding. This
|
|
fix corrects the issue by getting rid of the unnecessary 0 write when
|
|
the current bit offset is 2.
|
|
|
|
Signed-off-by: Michael Halcrow <mhalcrow@google.com>
|
|
Reported-by: Dmitry Chernenkov <dmitryc@google.com>
|
|
Suggested-by: Kees Cook <keescook@chromium.org>
|
|
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
|
|
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
|
---
|
|
fs/ecryptfs/crypto.c | 1 -
|
|
1 file changed, 1 deletion(-)
|
|
|
|
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
|
|
index 68b19ab..dceedec 100644
|
|
--- a/fs/ecryptfs/crypto.c
|
|
+++ b/fs/ecryptfs/crypto.c
|
|
@@ -2038,7 +2038,6 @@ ecryptfs_decode_from_filename(unsigned char *dst, size_t *dst_size,
|
|
break;
|
|
case 2:
|
|
dst[dst_byte_offset++] |= (src_byte);
|
|
- dst[dst_byte_offset] = 0;
|
|
current_bit_offset = 0;
|
|
break;
|
|
}
|
|
--
|
|
cgit v1.1
|
|
|