apfs/linux-apfs
0
0
Fork 0
mirror of https://github.com/linux-apfs/linux-apfs.git synced 2026-05-01 15:00:59 -07:00
Code Issues Packages Projects Releases Wiki Activity

encrypted-keys: check hex2bin result

Browse Source 
For each hex2bin call in encrypted keys, check that the ascii hex string
is valid.  On failure, return -EINVAL.

Changelog v1:
- hex2bin now returns an int

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Acked-by: Andy Shevchenko <andy.shevchenko@gmail.com>
This commit is contained in:
Mimi Zohar
2011-09-20 11:23:55 -04:00
parent 2684bf7f29
commit 2b3ff6319e
1 changed files with 11 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
security/keys/encrypted-keys/encrypted.c
+11 -3
View File
@@ -667,11 +667,19 @@ static int encrypted_key_decrypt(struct encrypted_key_payload *epayload,
return -EINVAL; return -EINVAL;
hex_encoded_data = hex_encoded_iv + (2 * ivsize) + 2; hex_encoded_data = hex_encoded_iv + (2 * ivsize) + 2;
hex2bin(epayload->iv, hex_encoded_iv, ivsize); ret = hex2bin(epayload->iv, hex_encoded_iv, ivsize);
hex2bin(epayload->encrypted_data, hex_encoded_data, encrypted_datalen); if (ret < 0)
return -EINVAL;
ret = hex2bin(epayload->encrypted_data, hex_encoded_data,
encrypted_datalen);
if (ret < 0)
return -EINVAL;
hmac = epayload->format + epayload->datablob_len; hmac = epayload->format + epayload->datablob_len;
hex2bin(hmac, hex_encoded_data + (encrypted_datalen * 2), HASH_SIZE); ret = hex2bin(hmac, hex_encoded_data + (encrypted_datalen * 2),
HASH_SIZE);
if (ret < 0)
return -EINVAL;
mkey = request_master_key(epayload, &master_key, &master_keylen); mkey = request_master_key(epayload, &master_key, &master_keylen);
if (IS_ERR(mkey)) if (IS_ERR(mkey))