git: cryptsetup - fix buffer overflow

Alex Hornung alexh at crater.dragonflybsd.org
Sat Aug 14 14:07:38 PDT 2010


commit 9b5950612f254d98d48b91158b7648d6cc48dad1
Author: Alex Hornung <ahornung at gmail.com>
Date:   Sat Aug 14 23:01:47 2010 +0100

    cryptsetup - fix buffer overflow
    
    * fix a buffer overflow introduced during the porting. Linux originally
      did digest = gcry_md_read(hd, hash_id); memcpy(dst, digest, len);
      I ported that to do EVP_DigestFinal directly into dst, causing
      corruption. Avoid this by writing to some intermediate (large) buffer
      and then using memcpy like Linux does.

Summary of changes:
 contrib/cryptsetup/luks/af.c |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/9b5950612f254d98d48b91158b7648d6cc48dad1


-- 
DragonFly BSD source repository





More information about the Commits mailing list