aboutsummaryrefslogtreecommitdiff
path: root/fs
diff options
context:
space:
mode:
authorMichael Halcrow <mhalcrow@google.com>2014-11-26 09:09:16 -0800
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2015-01-08 09:58:17 -0800
commit66012982c8e3344b6fc94defba2909356c607a6d (patch)
tree5e8a0968da2204086c7568b77bd04e921c524978 /fs
parented775f3161684770d506e150073d9f271335d5d3 (diff)
downloadlinux-linaro-stable-66012982c8e3344b6fc94defba2909356c607a6d.tar.gz
eCryptfs: Remove buggy and unnecessary write in file name decode routine
commit 942080643bce061c3dd9d5718d3b745dcb39a8bc upstream. Dmitry Chernenkov used KASAN to discover that eCryptfs writes past the end of the allocated buffer during encrypted filename decoding. This fix corrects the issue by getting rid of the unnecessary 0 write when the current bit offset is 2. Signed-off-by: Michael Halcrow <mhalcrow@google.com> Reported-by: Dmitry Chernenkov <dmitryc@google.com> Suggested-by: Kees Cook <keescook@chromium.org> Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'fs')
-rw-r--r--fs/ecryptfs/crypto.c1
1 files changed, 0 insertions, 1 deletions
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index f71ec125290d..1da2446bf6b0 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -2102,7 +2102,6 @@ ecryptfs_decode_from_filename(unsigned char *dst, size_t *dst_size,
break;
case 2:
dst[dst_byte_offset++] |= (src_byte);
- dst[dst_byte_offset] = 0;
current_bit_offset = 0;
break;
}