On Fri, Nov 21, 2014 at 9:02 AM, Michael Halcrow <mhalcrow@xxxxxxxxxx> wrote: > Dmitry Chernenkov used KASAN to discover that eCryptfs writes past the > end of the allocated buffer during encrypted filename decoding. This > fix corrects the issue by ensuring that there is sufficient buffer > space allocated. > > Signed-off-by: Michael Halcrow <mhalcrow@xxxxxxxxxx> > --- > fs/ecryptfs/crypto.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c > index 2f6735d..53d4f2e 100644 > --- a/fs/ecryptfs/crypto.c > +++ b/fs/ecryptfs/crypto.c > @@ -1871,7 +1871,7 @@ static size_t ecryptfs_max_decoded_size(size_t encoded_size) > * the caller with the maximum amount of allocated > * space that @dst will need to point to in a > * subsequent call. */ > - return ((encoded_size + 1) * 3) / 4; > + return (((encoded_size + 1) * 3) / 4) + 1; Kees pointed out that the last write of 0 isn't even necessary. Ignore this patch. I've sent out a fix that removes that write. > } > > /** > -- > 2.1.0.rc2.206.gedb03e5 >
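Review bot: the `+ 1` added to the return in ecryptfs_max_decoded_size() is an unexplained slack byte, and the comment directly above it still describes the value only as the "maximum amount of allocated space that @dst will need", so a later reader cannot tell what the extra byte covers. If it exists to absorb the final write of 0 that the reply calls unnecessary, removing that write keeps the size estimate exact and avoids callers depending on padding; if the padding stays instead, the comment should say which write it accounts for so the allocation and the decoder cannot drift apart again.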