diff options
| author | Xin LI <delphij@FreeBSD.org> | 2013-11-02 01:16:10 +0000 |
|---|---|---|
| committer | Xin LI <delphij@FreeBSD.org> | 2013-11-02 01:16:10 +0000 |
| commit | 7ac2e58818468e54d67b36998a1a140a0c9f3b63 (patch) | |
| tree | 2cbdbad02bc00d482ad4cd9d2c17b9e511f27928 /sys/geom | |
| parent | ab1e286051ed8a2a9ef6c6466b6f3659a943c9bf (diff) | |
| download | src-7ac2e58818468e54d67b36998a1a140a0c9f3b63.tar.gz src-7ac2e58818468e54d67b36998a1a140a0c9f3b63.zip | |
When zero'ing out a buffer, make sure we are using right size.
Without this change, in the worst but unlikely case scenario, certain
administrative operations, including change of configuration, set or
delete key from a GEOM ELI provider, may leave potentially sensitive
information in buffer allocated from kernel memory.
We believe that it is not possible to actively exploit these issues, nor
does it impact the security of normal usage of GEOM ELI providers when
these operations are not performed after system boot.
Security: possible sensitive information disclosure
Submitted by: Clement Lecigne <clecigne google com>
MFC after: 3 days
Notes
Notes:
svn path=/head/; revision=257539
Diffstat (limited to 'sys/geom')
| -rw-r--r-- | sys/geom/eli/g_eli_ctl.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/sys/geom/eli/g_eli_ctl.c b/sys/geom/eli/g_eli_ctl.c index 520d23719739..59aff9b684bd 100644 --- a/sys/geom/eli/g_eli_ctl.c +++ b/sys/geom/eli/g_eli_ctl.c @@ -471,7 +471,7 @@ g_eli_ctl_configure(struct gctl_req *req, struct g_class *mp) prov, error); } bzero(&md, sizeof(md)); - bzero(sector, sizeof(sector)); + bzero(sector, pp->sectorsize); free(sector, M_ELI); } } @@ -562,7 +562,7 @@ g_eli_ctl_setkey(struct gctl_req *req, struct g_class *mp) /* Encrypt Master Key with the new key. */ error = g_eli_mkey_encrypt(md.md_ealgo, key, md.md_keylen, mkeydst); - bzero(key, sizeof(key)); + bzero(key, keysize); if (error != 0) { bzero(&md, sizeof(md)); gctl_error(req, "Cannot encrypt Master Key (error=%d).", error); @@ -575,7 +575,7 @@ g_eli_ctl_setkey(struct gctl_req *req, struct g_class *mp) bzero(&md, sizeof(md)); error = g_write_data(cp, pp->mediasize - pp->sectorsize, sector, pp->sectorsize); - bzero(sector, sizeof(sector)); + bzero(sector, pp->sectorsize); free(sector, M_ELI); if (error != 0) { gctl_error(req, "Cannot store metadata on %s (error=%d).", @@ -691,7 +691,7 @@ g_eli_ctl_delkey(struct gctl_req *req, struct g_class *mp) (void)g_io_flush(cp); } bzero(&md, sizeof(md)); - bzero(sector, sizeof(sector)); + bzero(sector, pp->sectorsize); free(sector, M_ELI); if (*all) G_ELI_DEBUG(1, "All keys removed from %s.", pp->name); |