KEYS: reject NULL restriction string when type is specified - openslx/kernel-qcow2-linux.git

diff options

author	Eric Biggers	2017-12-08 16:13:29 +0100
committer	David Howells	2017-12-08 16:13:29 +0100
commit	18026d866801d0c52e5550210563222bd6c7191d (patch)
tree	744c23841e67ff704fa4374b14a05ec542b4f4eb /crypto/asymmetric_keys
parent	security: keys: remove redundant assignment to key_ref (diff)
download	kernel-qcow2-linux-18026d866801d0c52e5550210563222bd6c7191d.tar.gz kernel-qcow2-linux-18026d866801d0c52e5550210563222bd6c7191d.tar.xz kernel-qcow2-linux-18026d866801d0c52e5550210563222bd6c7191d.zip

KEYS: reject NULL restriction string when type is specified

keyctl_restrict_keyring() allows through a NULL restriction when the "type" is non-NULL, which causes a NULL pointer dereference in asymmetric_lookup_restriction() when it calls strcmp() on the restriction string. But no key types actually use a "NULL restriction" to mean anything, so update keyctl_restrict_keyring() to reject it with EINVAL. Reported-by: syzbot <syzkaller@googlegroups.com> Fixes: 97d3aa0f3134 ("KEYS: Add a lookup_restriction function for the asymmetric key type") Cc: <stable@vger.kernel.org> # v4.12+ Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: David Howells <dhowells@redhat.com>

Diffstat (limited to 'crypto/asymmetric_keys')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: