Source-Changes archive


CVS commit: src/sys/opencrypto



Module Name:    src
Committed By:   jonathan
Date:           Mon Aug 22 23:11:47 UTC 2005

Modified Files:
        src/sys/opencrypto: cryptodev.c

Log Message:
No change. Forced commit to record commit message for previous revision, viz:

Fix vulnerability to a denial-of-service attack which passes a
length-0 crypto op. Check for zero length and return EINVAL, taken from:

    
http://cvsweb.FreeBSD.org/src/sys/opencrypto/cryptodev.c.diff?r1=1.25&r2=1.26

Original FreeBSD log message:

  Modified files:
    sys/opencrypto       cryptodev.c
  Log:
  Fix bogus check. It was possible to panic the kernel by giving 0 length.
  This is actually a local DoS, as every user can use /dev/crypto if there
  is crypto hardware in the system and cryptodev.ko is loaded (or compiled
  into the kernel).

  Reported by:    Mike Tancsa <mike%sentex.net@localhost>

Thanks to Sam Leffler for passing on a heads-up about this issue.


To generate a diff of this commit:
cvs rdiff -r1.13 -r1.14 src/sys/opencrypto/cryptodev.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



