[PATCH 1/1] crypto: Fix possible buffer overflows in pkey_protkey_aes_attr_read

2020-12-09 Thread Xiaohui Zhang
From: Zhang Xiaohui pkey_protkey_aes_attr_read() calls memcpy() without checking the destination size may trigger a buffer overflower. Signed-off-by: Zhang Xiaohui --- drivers/s390/crypto/pkey_api.c | 4 1 file changed, 4 insertions(+) diff --git a/drivers/s390/crypto/pkey_api.c b/driver

Re: [PATCH 1/1] crypto: Fix possible buffer overflows in pkey_protkey_aes_attr_read

2020-12-08 Thread Harald Freudenberger
On 09.12.20 07:47, Xiaohui Zhang wrote: > From: Zhang Xiaohui > > pkey_protkey_aes_attr_read() calls memcpy() without checking the > destination size may trigger a buffer overflower. > > Signed-off-by: Zhang Xiaohui > --- > drivers/s390/crypto/pkey_api.c | 4 > 1 file changed, 4 insertions(

Re: [PATCH 1/1] crypto: Fix possible buffer overflows in pkey_protkey_aes_attr_read

2020-12-08 Thread Christian Borntraeger
On 09.12.20 07:47, Xiaohui Zhang wrote: > From: Zhang Xiaohui > > pkey_protkey_aes_attr_read() calls memcpy() without checking the > destination size may trigger a buffer overflower. To me it looks like protkey.len is generated programmatically in pkey_genprotkey/pkey_clr2protkey and this pu