authorJohn Baldwin <jhb@FreeBSD.org>2020-01-09 18:29:59 +0000
committerJohn Baldwin <jhb@FreeBSD.org>2020-01-09 18:29:59 +0000
commit5ac518b51fdc6d1baeb2605d19b04848fc29dcbe (patch)
tree8f83cfb903291b9a9ef1b78c689163eaab18ff80 /sys/opencrypto
parentdea247463c5abea0cd1a5186c2f89c73730e0242 (diff)
Add stricter checking on mac key lengths.
Negative lengths are always invalid. The key length should also be zero for hash algorithms that do not accept a key. admbugs: 949 Reported by: Yuval Kanarenstein <yuvalk@ssd-disclosure.com> Reviewed by: cem MFC after: 1 week Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D23094
Notes
Notes: svn path=/head/; revision=356561
Diffstat (limited to 'sys/opencrypto')
-rw-r--r--sys/opencrypto/cryptodev.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/opencrypto/cryptodev.c b/sys/opencrypto/cryptodev.c
index c492e059089d..e43f1a9dff43 100644
--- a/sys/opencrypto/cryptodev.c
+++ b/sys/opencrypto/cryptodev.c
@@ -585,8 +585,8 @@ cryptof_ioctl(
if (thash) {
cria.cri_alg = thash->type;
cria.cri_klen = sop->mackeylen * 8;
- if (thash->keysize != 0 &&
- sop->mackeylen > thash->keysize) {
+ if (sop->mackeylen > thash->keysize ||
+ sop->mackeylen < 0) {
CRYPTDEB("invalid mac key length");
error = EINVAL;
SDT_PROBE1(opencrypto, dev, ioctl, error,
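Review bot: `cria.cri_klen = sop->mackeylen * 8;` still runs on the caller-supplied length before the new condition rejects it, so a negative or very large `mackeylen` (apparently a signed int, given the `< 0` test) is multiplied first; assigning `cri_klen` only after the check passes would keep that arithmetic behind the validation. The rewritten condition also changes what `thash->keysize == 0` means, from "no upper bound" to "this hash takes no key", and that is worth a comment above the `if`, for example `/* keysize 0 means the hash is unkeyed: any non-zero mackeylen is rejected */`. Putting `sop->mackeylen < 0` first would make it clearer that the `>` comparison relies on signed arithmetic. The body of this `if` and the rest of cryptof_ioctl lie outside the hunk, so whether `cri_klen` is read on the error path cannot be seen here.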