Dmitry Chernenkov used KASAN to discover that eCryptfs writes past the end of the allocated buffer during encrypted filename decoding. This fix corrects the issue by ensuring that there is sufficient buffer space allocated. Signed-off-by: Michael Halcrow <mhalcrow@xxxxxxxxxx> --- fs/ecryptfs/crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c index 2f6735d..53d4f2e 100644 --- a/fs/ecryptfs/crypto.c +++ b/fs/ecryptfs/crypto.c @@ -1871,7 +1871,7 @@ static size_t ecryptfs_max_decoded_size(size_t encoded_size) * the caller with the maximum amount of allocated * space that @dst will need to point to in a * subsequent call. */ - return ((encoded_size + 1) * 3) / 4; + return (((encoded_size + 1) * 3) / 4) + 1; } /** -- 2.1.0.rc2.206.gedb03e5 -- To unsubscribe from this list: send the line "unsubscribe ecryptfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
