[PATCH] crypto: algboss - avoid creating duplicated cipher instances

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: Ovidiu Panait <ovidiu.panait@xxxxxxxxxxxxx>

Currently, it is possible to create duplicated /proc/crypto entries for the
same algorithm with the following test program:
"""
  #include <sys/socket.h>
  #include <linux/if_alg.h>

  int main(void)
  {
          struct sockaddr_alg sa = {
                  .salg_family = AF_ALG,
                  .salg_type = "skcipher",
                  .salg_name = "xts(ecb(aes-generic))extra-bytes",
          };
          int tfmfd;

          tfmfd = socket(AF_ALG, SOCK_SEQPACKET, 0);
          bind(tfmfd, (struct sockaddr *)&sa, sizeof(sa));
  }
"""

When the alg name contains extra bogus characters after a valid template,
the bind() call fails, but a duplicated entry is still registered (in this
case xts(ecb(aes-generic))).

To fix this, add a check in cryptomgr_schedule_probe() for trailing
characters after a valid template.

Signed-off-by: Ovidiu Panait <ovidiu.panait@xxxxxxxxxxxxx>
---
 crypto/algboss.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/crypto/algboss.c b/crypto/algboss.c
index 0de1e6697949..8e8039b845a3 100644
--- a/crypto/algboss.c
+++ b/crypto/algboss.c
@@ -131,8 +131,12 @@ static int cryptomgr_schedule_probe(struct crypto_larval *larval)
 		if (i >= CRYPTO_MAX_ATTRS)
 			goto err_free_param;
 
-		if (*p == ')')
+		if (*p == ')') {
+			if (*++p)
+				goto err_free_param;
+
 			break;
+		}
 
 		if (*p != ',')
 			goto err_free_param;
-- 
2.34.1





[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux