[bug report] crypto: chtls - Register chtls with net tls

Hello Atul Gupta,

The patch a08943947873: "crypto: chtls - Register chtls with net tls"
from Mar 31, 2018, leads to the following static checker warning:

	drivers/crypto/chelsio/chtls/chtls_main.c:447 do_chtls_getsockopt()
	warn: check that 'crypto_info.cipher_type' doesn't leak information

drivers/crypto/chelsio/chtls/chtls_main.c
   441  static int do_chtls_getsockopt(struct sock *sk, char __user *optval,
   442                                 int __user *optlen)
   443  {
   444          struct tls_crypto_info crypto_info;
   445  
   446          crypto_info.version = TLS_1_2_VERSION;
   447          if (copy_to_user(optval, &crypto_info, sizeof(struct tls_crypto_info)))
   448                  return -EFAULT;

It is an info leak, but perhaps instead of just zeroing it out we could
set crypto_info.cipher_type to something meaningful?

   449          return 0;
   450  }

regards,
dan carpenter
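
The leak pattern described in the report, as an added example that is not part of the original message or of the chtls driver: a userspace C model in which the function writes only `version` and then copies the whole struct out, next to a variant that clears the struct first. The names `tls_crypto_info_model`, `model_copy_to_user`, `getsockopt_leaky`, `getsockopt_zeroed` and the `0xA5` fill standing in for stale stack bytes are assumptions made for this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Userspace stand-in for the struct in the report (layout is an assumption). */
struct tls_crypto_info_model {
    uint16_t version;
    uint16_t cipher_type;
};
#define MODEL_TLS_1_2_VERSION 0x0303
#define MODEL_EFAULT 14

/* Hypothetical stand-in for copy_to_user(): returns 0 on success. */
static int model_copy_to_user(void *dst, const void *src, size_t n)
{
    memcpy(dst, src, n);
    return 0;
}

/* As reported: only .version is written before the whole struct is copied out.
 * 'slot' models the stack slot of the local variable, stale bytes included. */
static int getsockopt_leaky(struct tls_crypto_info_model *slot, void *optval)
{
    slot->version = MODEL_TLS_1_2_VERSION;
    return model_copy_to_user(optval, slot, sizeof(*slot)) ? -MODEL_EFAULT : 0;
}

/* Minimal mitigation: clear every byte first, then fill in the known fields. */
static int getsockopt_zeroed(struct tls_crypto_info_model *slot, void *optval)
{
    memset(slot, 0, sizeof(*slot));
    slot->version = MODEL_TLS_1_2_VERSION;
    return model_copy_to_user(optval, slot, sizeof(*slot)) ? -MODEL_EFAULT : 0;
}

/* Returns the cipher_type the caller receives when the slot held stale data. */
static uint16_t received_cipher_type(int (*fn)(struct tls_crypto_info_model *, void *))
{
    struct tls_crypto_info_model slot, out = {0};
    memset(&slot, 0xA5, sizeof(slot)); /* constructed stack residue */
    return fn(&slot, &out) ? 0xFFFF : out.cipher_type;
}

int main(void)
{
    printf("leaky:  0x%04x\n", (unsigned)received_cipher_type(getsockopt_leaky));
    printf("zeroed: 0x%04x\n", (unsigned)received_cipher_type(getsockopt_zeroed));
    return 0;
}
```
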


