Eric Biggers dd2927197b KEYS: encrypted: fix buffer overread in valid_master_desc() ... With the 'encrypted' key type it was possible for userspace to provide a data blob ending with a master key description shorter than expected, e.g. 'keyctl add encrypted desc "new x" @s'. When validating such a master key description, validate_master_desc() could read beyond the end of the buffer. Fix this by using strncmp() instead of memcmp(). [Also clean up the code to deduplicate some logic.] Change-Id: Ib88f30f89c1854a1650ea2b58c2871a515297d82 Cc: Mimi Zohar <zohar@linux.vnet.ibm.com> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <james.l.morris@oracle.com> Git-commit: 794b4bc292f5d31739d89c0202c54e7dc9bc3add Git-repo: https://android.googlesource.com/kernel/common Signed-off-by: Srinivasa Rao Kuppala <srkupp@codeaurora.org>		2018-08-20 12:12:17 +02:00
..
encrypted-keys	KEYS: encrypted: fix buffer overread in valid_master_desc()	2018-08-20 12:12:17 +02:00
compat.c
gc.c	KEYS: Change the name of the dead type to ".dead" to prevent user access	2017-05-01 14:22:35 +00:00
internal.h	aio: don't include aio.h in sched.h	2013-05-07 20:16:25 -07:00
Kconfig
key.c	KEYS: potential uninitialized variable	2017-07-02 00:28:22 +02:00
keyctl.c	KEYS: prevent KEYCTL_READ on negative key	2018-05-26 00:39:33 +02:00
keyring.c	keys: Guard against null match function in keyring_search_aux()	2017-04-22 23:02:48 +02:00
Makefile
permission.c
proc.c	Import latest Samsung release	2017-04-18 03:43:52 +02:00
process_keys.c	UPSTREAM: capabilities: ambient capabilities	2018-02-06 13:12:16 +01:00
request_key.c	KEYS: split call to call_usermodehelper_fns()	2013-04-30 17:04:06 -07:00
request_key_auth.c
sysctl.c
trusted.c	KEYS: Fix handling of stored error in a negatively instantiated user key	2017-04-22 23:02:53 +02:00
trusted.h
user_defined.c	KEYS: Fix handling of stored error in a negatively instantiated user key	2017-04-22 23:02:53 +02:00