mirror_zfs/module
Attila Fülöp 3ac34ca375 ICP: Fix out of bounds write
If gcm_mode_encrypt_contiguous_blocks() is called more than once
in succession, with the accumulated lengths being less than
blocksize, ctx->copy_to will be incorrectly advanced. Later, if
out is NULL, the bcopy at line 114 will overflow
ctx->gcm_copy_to since ctx->gcm_remainder_len is larger than the
ctx->gcm_copy_to buffer can hold.

The fix is to set ctx->copy_to only if it's not already set.

For ZoL the issue may be academic, since in all my testing I wasn't
able to hit either of the two conditions needed to trigger it, but
other consumers can easily do so.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Tom Caputi <tcaputi@datto.com>
Signed-off-by: Attila Fülöp <attila@fueloep.org>
Closes #9660
2019-12-06 09:36:19 -08:00
..
avl Wrap Linux module macros 2019-11-01 10:41:03 -07:00
icp ICP: Fix out of bounds write 2019-12-06 09:36:19 -08:00
lua Move linux qsort def to platform header 2019-12-03 09:49:40 -08:00
nvpair Restructure nvlist_nv_alloc to work on FreeBSD 2019-11-30 15:45:06 -08:00
os Refactor deadman set failmode to be cross platform 2019-12-05 12:40:45 -08:00
spl OpenZFS restructuring - move platform specific sources 2019-09-06 11:26:26 -07:00
unicode Wrap Linux module macros 2019-11-01 10:41:03 -07:00
zcommon Disable EDONR on FreeBSD 2019-12-05 13:10:29 -08:00
zfs Disable EDONR on FreeBSD 2019-12-05 13:10:29 -08:00
.gitignore Adapt gitignore for modules 2019-12-02 13:23:47 -08:00
Makefile.in module/Makefile.in: don't run xargs if empty 2019-10-08 10:10:23 -07:00