No change. Forced commit to record commit message for previous revision, viz:

Fix vulnerability to a denial-of-service attack which passes a
length-0 crypto op. Check for zero length and return EINVAL, taken from:

    http://cvsweb.FreeBSD.org/src/sys/opencrypto/cryptodev.c.diff?r1=1.25&r2=1.26

Original FreeBSD log message:

  Modified files:
    sys/opencrypto       cryptodev.c
  Log:
  Fix bogus check. It was possible to panic the kernel by giving 0 length.
  This is actually a local DoS, as every user can use /dev/crypto if there
  is crypto hardware in the system and cryptodev.ko is loaded (or compiled
  into the kernel).

  Reported by:    Mike Tancsa <mike@sentex.net>


thanks to Sam Leffler for passing on a heads-up about this issue.
This commit is contained in:
jonathan 2005-08-22 23:11:47 +00:00
parent 867a03c37c
commit 2632a233ba

@ -1,4 +1,4 @@
/* $NetBSD: cryptodev.c,v 1.13 2005/08/22 23:06:34 jonathan Exp $ */
/* $NetBSD: cryptodev.c,v 1.14 2005/08/22 23:11:47 jonathan Exp $ */
/* $FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.4.2.4 2003/06/03 00:09:02 sam Exp $ */
/* $OpenBSD: cryptodev.c,v 1.53 2002/07/10 22:21:30 mickey Exp $ */
@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.13 2005/08/22 23:06:34 jonathan Exp $");
__KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.14 2005/08/22 23:11:47 jonathan Exp $");
#include <sys/param.h>
#include <sys/systm.h>
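
Review bot: the log should name the revision that carries the fix, because in this hunk only the __KERNEL_RCSID string moves from 1.13 to 1.14, so the zero-length check and the EINVAL return described in the message cannot be reviewed from this commit. Writing "revision 1.13" in place of "previous revision" would let someone reading the history find the actual change to cryptodev.c directly.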