On Sun, Feb 23, 2025 at 11:09:32AM +0900, Sergey Senozhatsky wrote:
>
> Right, for lzo/lzo-rle we need a safety page.
We should fix it because it's a security hole for anyone who calls
it through the Crypto API.
> It also seems that there is no common way of reporting dst_but overflow.
> Some algos return -ENOSPC immediately, some don't return anything at all,
> and deflate does it's own thing - there are these places where they see
> they are out of out space but they Z_OK it
>
> if (s->pending != 0) {
> flush_pending(strm);
> if (strm->avail_out == 0) {
> /* Since avail_out is 0, deflate will be called again with
> * more output space, but possibly with both pending and
> * avail_in equal to zero. There won't be anything to do,
> * but this is not an error situation so make sure we
> * return OK instead of BUF_ERROR at next call of deflate:
> */
> s->last_flush = -1;
> return Z_OK;
> }
> }
Z_OK is actually an error, see crypto/deflate.c:
ret = zlib_deflate(stream, Z_FINISH);
if (ret != Z_STREAM_END) {
ret = -EINVAL;
goto out;
}
We could change this to ENOSPC for consistency.
If you do find anything that returns 0 through the Crypto API please
let me know.
Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
