[019/136] eCryptfs: Handle unrecognized tag 3 cipher codes

From: Greg KH
Date: Thu Oct 01 2009 - 22:00:33 EST

Next message: Greg KH: "[012/136] ACPI: pci_slot.ko wants a 64-bit _SUN"
Previous message: Greg KH: "[016/136] mmc_spi: fail gracefully if host or card do not support the switch command"
In reply to: Greg KH: "[016/136] mmc_spi: fail gracefully if host or card do not support the switch command"
Next in thread: Greg KH: "[012/136] ACPI: pci_slot.ko wants a 64-bit _SUN"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

2.6.31-stable review patch. If anyone has any objections, please let us know.

------------------
From: Tyler Hicks <tyhicks@xxxxxxxxxxxxxxxxxx>

commit b0105eaefa7cce8f4a941d0fc6354b250d30e745 upstream.

Returns an error when an unrecognized cipher code is present in a tag 3
packet or an ecryptfs_crypt_stat cannot be initialized. Also sets an
crypt_stat->tfm error pointer to NULL to ensure that it will not be
incorrectly freed in ecryptfs_destroy_crypt_stat().

Acked-by: Serge Hallyn <serue@xxxxxxxxxx>
Cc: ecryptfs-devel@xxxxxxxxxxxxxxxxxxx
Signed-off-by: Tyler Hicks <tyhicks@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>

---
fs/ecryptfs/crypto.c | 1 +
fs/ecryptfs/keystore.c | 10 +++++++---
2 files changed, 8 insertions(+), 3 deletions(-)

--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -797,6 +797,7 @@ int ecryptfs_init_crypt_ctx(struct ecryp
kfree(full_alg_name);
if (IS_ERR(crypt_stat->tfm)) {
rc = PTR_ERR(crypt_stat->tfm);
+ crypt_stat->tfm = NULL;
ecryptfs_printk(KERN_ERR, "cryptfs: init_crypt_ctx(): "
"Error initializing cipher [%s]\n",
crypt_stat->cipher);
--- a/fs/ecryptfs/keystore.c
+++ b/fs/ecryptfs/keystore.c
@@ -1316,8 +1316,10 @@ parse_tag_3_packet(struct ecryptfs_crypt
rc = -EINVAL;
goto out_free;
}
- ecryptfs_cipher_code_to_string(crypt_stat->cipher,
- (u16)data[(*packet_size)]);
+ rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher,
+ (u16)data[(*packet_size)]);
+ if (rc)
+ goto out_free;
/* A little extra work to differentiate among the AES key
* sizes; see RFC2440 */
switch(data[(*packet_size)++]) {
@@ -1328,7 +1330,9 @@ parse_tag_3_packet(struct ecryptfs_crypt
crypt_stat->key_size =
(*new_auth_tok)->session_key.encrypted_key_size;
}
- ecryptfs_init_crypt_ctx(crypt_stat);
+ rc = ecryptfs_init_crypt_ctx(crypt_stat);
+ if (rc)
+ goto out_free;
if (unlikely(data[(*packet_size)++] != 0x03)) {
printk(KERN_WARNING "Only S2K ID 3 is currently supported\n");
rc = -ENOSYS;

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg KH: "[012/136] ACPI: pci_slot.ko wants a 64-bit _SUN"
Previous message: Greg KH: "[016/136] mmc_spi: fail gracefully if host or card do not support the switch command"
In reply to: Greg KH: "[016/136] mmc_spi: fail gracefully if host or card do not support the switch command"
Next in thread: Greg KH: "[012/136] ACPI: pci_slot.ko wants a 64-bit _SUN"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]