]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit
projects / FreeBSD / FreeBSD.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8b1039f) | patch
opencrypto: Disallow requests which pass VERIFY_DIGEST without a MAC
authorMark Johnston <markj@FreeBSD.org>
Fri, 24 Sep 2021 19:04:45 +0000 (15:04 -0400)
committerMark Johnston <markj@FreeBSD.org>
Fri, 1 Oct 2021 14:08:30 +0000 (10:08 -0400)
commitd04c12765cfa2bf0f33f7489d48843648073ce06
tree597876070d027261beabcc19d8e81883b1700b7ftree | snapshot
parent8b1039f918658103bdc083c65b393dcc3c15e823commit | diff
opencrypto: Disallow requests which pass VERIFY_DIGEST without a MAC

Otherwise we can end up comparing the computed digest with an
uninitialized kernel buffer.

In cryptoaead_op() we already unconditionally fail the request if a
pointer to a digest buffer is not specified.

Based on a patch by Simran Kathpalia.

Reported by: syzkaller
Reviewed by: jhb
Pull Request: https://github.com/freebsd/freebsd-src/pull/529

(cherry picked from commit 7c2f227a17ded0934c5941c7911797edb7d770a2)
sys/opencrypto/cryptodev.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.