2632a233ba
Fix vulnerability to a denial-of-service attack which passes a length-0 crypto op. Check for zero length and return EINVAL, taken from: http://cvsweb.FreeBSD.org/src/sys/opencrypto/cryptodev.c.diff?r1=1.25&r2=1.26 Original FreeBSD log mesage: Modified files: sys/opencrypto cryptodev.c Log: Fix bogus check. It was possible to panic the kernel by giving 0 length. This is actually a local DoS, as every user can use /dev/crypto if there is crypto hardware in the system and cryptodev.ko is loaded (or compiled into the kernel). Reported by: Mike Tancsa <mike@sentex.net> thanks to Sam Leffler for passing on a heads-up about this issue. |
||
---|---|---|
.. | ||
criov.c | ||
crypto.c | ||
cryptodev.c | ||
cryptodev.h | ||
cryptosoft.c | ||
cryptosoft.h | ||
deflate.c | ||
deflate.h | ||
files.opencrypto | ||
Makefile | ||
xform.c | ||
xform.h |