mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-01 02:36:02 +00:00
ksmbd: align aux_payload_buf to avoid OOB reads in cryptographic operations
The aux_payload_buf allocation in SMB2 read is performed without ensuring alignment, which could result in out-of-bounds (OOB) reads during cryptographic operations such as crypto_xor or ghash. This patch aligns the allocation of aux_payload_buf to prevent these issues. (Note that to add this patch to stable would require modifications due to recent patch "ksmbd: use __GFP_RETRY_MAYFAIL") Signed-off-by: Norbert Szetei <norbert@doyensec.com> Acked-by: Namjae Jeon <linkinjeon@kernel.org> Signed-off-by: Steve French <stfrench@microsoft.com>
This commit is contained in:
parent
313dab0822
commit
06a025448b
@ -6680,7 +6680,7 @@ int smb2_read(struct ksmbd_work *work)
|
||||
ksmbd_debug(SMB, "filename %pD, offset %lld, len %zu\n",
|
||||
fp->filp, offset, length);
|
||||
|
||||
aux_payload_buf = kvzalloc(length, KSMBD_DEFAULT_GFP);
|
||||
aux_payload_buf = kvzalloc(ALIGN(length, 8), KSMBD_DEFAULT_GFP);
|
||||
if (!aux_payload_buf) {
|
||||
err = -ENOMEM;
|
||||
goto out;
|
||||
|
Loading…
Reference in New Issue
Block a user