diff options
| author | Dan Williams <dan.j.williams@intel.com> | 2009-09-09 02:55:54 +0200 |
|---|---|---|
| committer | Dan Williams <dan.j.williams@intel.com> | 2009-09-09 02:55:54 +0200 |
| commit | 9134d02bc0af4a8747d448d1f811ec5f8eb96df6 (patch) | |
| tree | 704c3e5dcc10f360815c4868a74711f82fb62e27 /fs/ecryptfs/keystore.c | |
| parent | Merge branch 'dmaengine' into async-tx-next (diff) | |
| parent | Fix new incorrect error return from do_md_stop. (diff) | |
| download | linux-9134d02bc0af4a8747d448d1f811ec5f8eb96df6.tar.xz linux-9134d02bc0af4a8747d448d1f811ec5f8eb96df6.zip | |
Merge commit 'md/for-linus' into async-tx-next
Conflicts:
drivers/md/raid5.c
Diffstat (limited to 'fs/ecryptfs/keystore.c')
| -rw-r--r-- | fs/ecryptfs/keystore.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c index af737bb56cb7..259525c9abb8 100644 --- a/fs/ecryptfs/keystore.c +++ b/fs/ecryptfs/keystore.c @@ -1303,6 +1303,13 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat, } (*new_auth_tok)->session_key.encrypted_key_size = (body_size - (ECRYPTFS_SALT_SIZE + 5)); + if ((*new_auth_tok)->session_key.encrypted_key_size + > ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES) { + printk(KERN_WARNING "Tag 3 packet contains key larger " + "than ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES\n"); + rc = -EINVAL; + goto out_free; + } if (unlikely(data[(*packet_size)++] != 0x04)) { printk(KERN_WARNING "Unknown version number [%d]\n", data[(*packet_size) - 1]); @@ -1449,6 +1456,12 @@ parse_tag_11_packet(unsigned char *data, unsigned char *contents, rc = -EINVAL; goto out; } + if (unlikely((*tag_11_contents_size) > max_contents_bytes)) { + printk(KERN_ERR "Literal data section in tag 11 packet exceeds " + "expected size\n"); + rc = -EINVAL; + goto out; + } if (data[(*packet_size)++] != 0x62) { printk(KERN_WARNING "Unrecognizable packet\n"); rc = -EINVAL; |