linux/keys at e645016abc803dafc75e4b8f6e4118f088900ffb - linux - MyRedstone

Kernel/linux

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-01-17 02:15:57 +00:00

History

Eric Biggers e645016abc KEYS: fix writing past end of user-supplied buffer in keyring_read()

Userspace can call keyctl_read() on a keyring to get the list of IDs of
keys in the keyring.  But if the user-supplied buffer is too small, the
kernel would write the full list anyway --- which will corrupt whatever
userspace memory happened to be past the end of the buffer.  Fix it by
only filling the space that is available.

Fixes: b2a4df200d57 ("KEYS: Expand the capacity of a keyring")
Cc: <stable@vger.kernel.org>	[v3.13+]
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>

2017-09-25 15:19:57 +01:00

..

There has been a fair amount of activity in the docs tree this time

2017-07-03 21:13:25 -07:00

big_key.c

fs: fix kernel_write prototype

2017-09-04 19:05:15 -04:00

compat_dh.c

KEYS: DH: validate __spare field

2017-07-14 11:01:38 +10:00

compat.c

KEYS: add SP800-56A KDF support for DH

2017-04-04 22:33:38 +01:00

dh.c

KEYS: DH: validate __spare field

2017-07-14 11:01:38 +10:00

gc.c

KEYS: sanitize key structs before freeing

2017-06-09 13:29:48 +10:00

internal.h

Now that IPC and other changes have landed, enable manual markings for

2017-07-19 08:55:18 -07:00

Kconfig

KEYS: Convert KEYCTL_DH_COMPUTE to use the crypto KPP API

2017-06-09 13:29:50 +10:00

key.c

KEYS: fix refcount_inc() on zero

2017-06-09 13:29:50 +10:00

keyctl.c

KEYS: fix key refcount leak in keyctl_read_key()

2017-09-25 15:19:57 +01:00

keyring.c

KEYS: fix writing past end of user-supplied buffer in keyring_read()

2017-09-25 15:19:57 +01:00

Makefile

KEYS: add SP800-56A KDF support for DH

2017-04-04 22:33:38 +01:00

permission.c

KEYS: Move the flags representing required permission to linux/key.h

2014-03-14 17:44:49 +00:00

persistent.c

sched/headers: Prepare to remove <linux/cred.h> inclusion from <linux/sched.h>

2017-03-02 08:42:31 +01:00

proc.c

security, keys: convert key_user.usage from atomic_t to refcount_t

2017-04-03 10:49:06 +10:00

process_keys.c

KEYS: put keyring if install_session_keyring_to_cred() fails

2017-06-09 13:29:46 +10:00

request_key_auth.c

KEYS: don't revoke uninstantiated key in request_key_auth_new()

2017-09-25 15:19:56 +01:00

request_key.c

doc: ReSTify keys-request-key.txt

2017-05-18 10:33:51 -06:00

sysctl.c

security: Convert use of typedef ctl_table to struct ctl_table

2014-04-15 13:39:58 +10:00

trusted.c

There has been a fair amount of activity in the docs tree this time

2017-07-03 21:13:25 -07:00

trusted.h

keys, trusted: move struct trusted_key_options to trusted-type.h

2015-10-19 01:01:21 +02:00

user_defined.c

KEYS: user_defined: sanitize key payloads

2017-06-09 13:29:48 +10:00