diff options
author | Miloslav Trmač <mitr@redhat.com> | 2010-07-09 08:07:30 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-07-19 09:24:57 +0200 |
commit | d94b51511499508a39f0a96f7c75cab4547b9b41 (patch) | |
tree | 481311162a7a005a7f6e8e40b64eb93f3362576a /ncr-key-storage.c | |
parent | 2944cc196bbeb48fdaa2fd4d352e255842d29229 (diff) | |
download | cryptodev-linux-d94b51511499508a39f0a96f7c75cab4547b9b41.tar.gz cryptodev-linux-d94b51511499508a39f0a96f7c75cab4547b9b41.tar.xz cryptodev-linux-d94b51511499508a39f0a96f7c75cab4547b9b41.zip |
Avoid overflows when unwrapping from storage
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Diffstat (limited to 'ncr-key-storage.c')
-rw-r--r-- | ncr-key-storage.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/ncr-key-storage.c b/ncr-key-storage.c index 2a6055e..69e1c50 100644 --- a/ncr-key-storage.c +++ b/ncr-key-storage.c @@ -87,7 +87,7 @@ int key_from_storage_data(struct key_item_st* key, const void* data, size_t data const struct packed_key * pkey = data; int ret; - if (data_size != sizeof(*pkey)) { + if (data_size != sizeof(*pkey) || pkey->key_id_size > MAX_KEY_ID_SIZE) { err(); return -EINVAL; } @@ -100,6 +100,10 @@ int key_from_storage_data(struct key_item_st* key, const void* data, size_t data memcpy(key->key_id, pkey->key_id, pkey->key_id_size); if (key->type == NCR_KEY_TYPE_SECRET) { + if (pkey->raw_size > NCR_CIPHER_MAX_KEY_LEN) { + err(); + return -EINVAL; + } key->key.secret.size = pkey->raw_size; memcpy(key->key.secret.data, pkey->raw, pkey->raw_size); } else if (key->type == NCR_KEY_TYPE_PUBLIC |