42 lines
1.1 KiB
Diff
42 lines
1.1 KiB
Diff
From 28ee49e5153b02698f100ad4e390fe700f7bcf32 Mon Sep 17 00:00:00 2001
|
|
From: Andrea Claudi <aclaudi@redhat.com>
|
|
Date: Sat, 1 May 2021 18:32:30 +0200
|
|
Subject: tipc: bail out if key is abnormally long
|
|
|
|
tipc segfaults when called with an abnormally long key:
|
|
|
|
$ tipc node set key 0123456789abcdef0123456789abcdef0123456789abcdef
|
|
*** buffer overflow detected ***: terminated
|
|
|
|
Fix this returning an error if key length is longer than
|
|
TIPC_AEAD_KEYLEN_MAX.
|
|
|
|
Fixes: 24bee3bf9752 ("tipc: add new commands to set TIPC AEAD key")
|
|
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
|
|
Signed-off-by: David Ahern <dsahern@kernel.org>
|
|
|
|
Conflict:NA
|
|
Reference:https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=28ee49e5153b02698f100ad4e390fe700f7bcf32
|
|
|
|
---
|
|
tipc/misc.c | 3 +++
|
|
1 file changed, 3 insertions(+)
|
|
|
|
diff --git a/tipc/misc.c b/tipc/misc.c
|
|
index 1daf3072a..909975d8b 100644
|
|
--- a/tipc/misc.c
|
|
+++ b/tipc/misc.c
|
|
@@ -113,6 +113,9 @@ int str2key(char *str, struct tipc_aead_key *key)
|
|
}
|
|
}
|
|
|
|
+ if (len > TIPC_AEAD_KEYLEN_MAX)
|
|
+ return -1;
|
|
+
|
|
/* Obtain key: */
|
|
if (!ishex) {
|
|
key->keylen = len;
|
|
--
|
|
cgit 1.2.3-korg
|
|
|