]> Gentwo Git Trees - linux/.git/commit
gentwo / linux / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 77cd921) | patch
crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id
authorThorsten Blum <thorsten.blum@linux.dev>
Mon, 13 Oct 2025 11:40:10 +0000 (13:40 +0200)
committerHerbert Xu <herbert@gondor.apana.org.au>
Thu, 23 Oct 2025 04:55:42 +0000 (12:55 +0800)
commitdf0845cf447ae1556c3440b8b155de0926cbaa56
tree76a0744fd7cb367eb17e4eb744838deed51e1d6atree | snapshot
parent77cd9210271556aff955551b3e2ef0ae8a2691bdcommit | diff
crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id

Use check_add_overflow() to guard against potential integer overflows
when adding the binary blob lengths and the size of an asymmetric_key_id
structure and return ERR_PTR(-EOVERFLOW) accordingly. This prevents a
possible buffer overflow when copying data from potentially malicious
X.509 certificate fields that can be arbitrarily large, such as ASN.1
INTEGER serial numbers, issuer names, etc.

Fixes: 7901c1a8effb ("KEYS: Implement binary asymmetric key ID handling")
Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
Reviewed-by: Lukas Wunner <lukas@wunner.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto/asymmetric_keys/asymmetric_type.c diff | blob | blame | history
Development tree.