aboutsummaryrefslogtreecommitdiff
path: root/crypto/drbg.c
diff options
context:
space:
mode:
authorKees Cook2021-06-16 14:24:08 -0700
committerMartin K. Petersen2021-06-18 23:25:27 -0400
commit4ab293c2809efa1499c3290ff007d98a9ee2fab2 (patch)
tree29d1f081583646ea301a160b05d368914b2a4bbe /crypto/drbg.c
parentd8b34a32a44078abef55e9fee5b3ddc7755d7c30 (diff)
scsi: ips: Avoid over-read of sense buffer
In preparation for FORTIFY_SOURCE performing compile-time and run-time field bounds checking for memcpy() avoid intentionally reading across neighboring array fields. scb->scsi_cmd->sense_buffer is 96 bytes: #define SCSI_SENSE_BUFFERSIZE 96 tapeDCDB->sense_info is 56 bytes: typedef struct { ... uint8_t sense_info[56]; } IPS_DCDB_TABLE_TAPE, ... scb->dcdb.sense_info is 64 bytes: typedef struct { ... uint8_t sense_info[64]; ... } IPS_DCDB_TABLE, ... Copying 96 bytes from either was copying beyond the end of the respective buffers, leading to potential memory content exposures. Correctly copy the actual buffer contents and zero pad the remaining bytes. Link: https://lore.kernel.org/r/20210616212408.1726812-1-keescook@chromium.org Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Diffstat (limited to 'crypto/drbg.c')
0 files changed, 0 insertions, 0 deletions