[Top] [All Lists]

[CRYPTO] Fix stack overrun in crypt()

To: "David S. Miller" <davem@xxxxxxxxxx>
Subject: [CRYPTO] Fix stack overrun in crypt()
From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date: Thu, 15 Jul 2004 21:48:40 +1000
Cc: James Morris <jmorris@xxxxxxxxxx>, netdev@xxxxxxxxxxx
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.5.6+20040523i

The stack allocation in crypt() is bogus as whether tmp_src/tmp_dst
is used is determined by factors unrelated to nbytes and

Since the condition for whether tmp_src/tmp_dst are used is very
complex, let's allocate them always instead of guessing.

This fixes a number of weird crashes including those AES crashes
that people have been seeing with the 2.4 backport + ipt_conntrack.

Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

PS I think someone should double-check the logic in the scatterwalk
stuff, especially the whichbuf bits.

Visit Openswan at
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page:
PGP Key:

Attachment: p
Description: Text document

<Prev in Thread] Current Thread [Next in Thread>