Subject: CVS commit: src/sys/opencrypto
To: None <source-changes@NetBSD.org>
From: Jonathan Stone <firstname.lastname@example.org>
Date: 08/22/2005 23:11:47
Module Name: src
Committed By: jonathan
Date: Mon Aug 22 23:11:47 UTC 2005
No change. Forced commit to record commit message for previous revision, viz:
Fix vulnerability to a denial-of-service attack which passes a
length-0 crypto op. Check for zero length and return EINVAL, taken from:
Original FreeBSD log mesage:
Fix bogus check. It was possible to panic the kernel by giving 0 length.
This is actually a local DoS, as every user can use /dev/crypto if there
is crypto hardware in the system and cryptodev.ko is loaded (or compiled
into the kernel).
Reported by: Mike Tancsa <email@example.com>
thanks to Sam Leffler for passing on a heads-up about this issue.
To generate a diff of this commit:
cvs rdiff -r1.13 -r1.14 src/sys/opencrypto/cryptodev.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.