diff options
| author | Michael Halcrow <mhalcrow@google.com> | 2014-11-26 09:09:16 -0800 |
|---|---|---|
| committer | Ben Hutchings <ben@decadent.org.uk> | 2015-02-20 00:49:28 +0000 |
| commit | f2d130454e46c3989af1b4f882b6a666d24fa2e0 (patch) | |
| tree | 38e442edb9e6cc49bff8973595fa664501bf53e2 /fs | |
| parent | 3ca74798ef821cc6558fc04f083edc98afa28b2a (diff) | |
| download | kernel_samsung_smdk4412-f2d130454e46c3989af1b4f882b6a666d24fa2e0.zip kernel_samsung_smdk4412-f2d130454e46c3989af1b4f882b6a666d24fa2e0.tar.gz kernel_samsung_smdk4412-f2d130454e46c3989af1b4f882b6a666d24fa2e0.tar.bz2 | |
eCryptfs: Remove buggy and unnecessary write in file name decode routine
commit 942080643bce061c3dd9d5718d3b745dcb39a8bc upstream.
Dmitry Chernenkov used KASAN to discover that eCryptfs writes past the
end of the allocated buffer during encrypted filename decoding. This
fix corrects the issue by getting rid of the unnecessary 0 write when
the current bit offset is 2.
Signed-off-by: Michael Halcrow <mhalcrow@google.com>
Reported-by: Dmitry Chernenkov <dmitryc@google.com>
Suggested-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Diffstat (limited to 'fs')
| -rw-r--r-- | fs/ecryptfs/crypto.c | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c index 68b19ab..dceedec 100644 --- a/fs/ecryptfs/crypto.c +++ b/fs/ecryptfs/crypto.c @@ -2038,7 +2038,6 @@ ecryptfs_decode_from_filename(unsigned char *dst, size_t *dst_size, break; case 2: dst[dst_byte_offset++] |= (src_byte); - dst[dst_byte_offset] = 0; current_bit_offset = 0; break; } |