* [PATCH 1/3] lib: add error checking to hex2bin
@ 2011-09-20 13:15 Mimi Zohar
2011-09-20 13:15 ` [PATCH 2/3] trusted-keys: check hex2bin result Mimi Zohar
2011-09-20 13:15 ` [PATCH 3/3] encrypted-keys: " Mimi Zohar
0 siblings, 2 replies; 5+ messages in thread
From: Mimi Zohar @ 2011-09-20 13:15 UTC (permalink / raw)
To: linux-security-module
Cc: Mimi Zohar, linux-kernel, Andrew Morton, Andy Shevchenko,
Tetsuo Handa, James Morris, David Safford
hex2bin converts a hexadecimal string to its binary representation.
The original version of hex2bin did not do any error checking. This
patch adds error checking and returns the result.
Changelog:
- add __must_check compiler option (Andy Shevchenko's suggestion)
- change function API to return error checking result
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
---
include/linux/kernel.h | 2 +-
lib/hexdump.c | 15 +++++++++++----
2 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/include/linux/kernel.h b/include/linux/kernel.h
index 46ac9a5..8eefcf7 100644
--- a/include/linux/kernel.h
+++ b/include/linux/kernel.h
@@ -382,7 +382,7 @@ static inline char *pack_hex_byte(char *buf, u8 byte)
}
extern int hex_to_bin(char ch);
-extern void hex2bin(u8 *dst, const char *src, size_t count);
+extern int __must_check hex2bin(u8 *dst, const char *src, size_t count);
/*
* General tracing related utility functions - trace_printk(),
diff --git a/lib/hexdump.c b/lib/hexdump.c
index f5fe6ba..51d5ae2 100644
--- a/lib/hexdump.c
+++ b/lib/hexdump.c
@@ -38,14 +38,21 @@ EXPORT_SYMBOL(hex_to_bin);
* @dst: binary result
* @src: ascii hexadecimal string
* @count: result length
+ *
+ * Return 0 on success, -1 in case of bad input.
*/
-void hex2bin(u8 *dst, const char *src, size_t count)
+int hex2bin(u8 *dst, const char *src, size_t count)
{
while (count--) {
- *dst = hex_to_bin(*src++) << 4;
- *dst += hex_to_bin(*src++);
- dst++;
+ int hi = hex_to_bin(*src++);
+ int lo = hex_to_bin(*src++);
+
+ if ((hi < 0) || (lo < 0))
+ return -1;
+
+ *dst++ = (hi << 4) | lo;
}
+ return 0;
}
EXPORT_SYMBOL(hex2bin);
--
1.7.3.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 2/3] trusted-keys: check hex2bin result
2011-09-20 13:15 [PATCH 1/3] lib: add error checking to hex2bin Mimi Zohar
@ 2011-09-20 13:15 ` Mimi Zohar
2011-09-20 13:57 ` Andy Shevchenko
2011-09-20 13:15 ` [PATCH 3/3] encrypted-keys: " Mimi Zohar
1 sibling, 1 reply; 5+ messages in thread
From: Mimi Zohar @ 2011-09-20 13:15 UTC (permalink / raw)
To: linux-security-module
Cc: Tetsuo Handa, linux-kernel, Andrew Morton, Andy Shevchenko,
Tetsuo Handa, James Morris, David Safford, Mimi Zohar
From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
For each hex2bin call in trusted keys, check that the ascii hex string is
valid. On failure, return -EINVAL.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
---
security/keys/trusted.c | 15 +++++++++++----
1 files changed, 11 insertions(+), 4 deletions(-)
diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index 0c33e2e..9b847e1 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -779,7 +779,9 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
opt->pcrinfo_len = strlen(args[0].from) / 2;
if (opt->pcrinfo_len > MAX_PCRINFO_SIZE)
return -EINVAL;
- hex2bin(opt->pcrinfo, args[0].from, opt->pcrinfo_len);
+ if (!hex2bin(opt->pcrinfo, args[0].from,
+ opt->pcrinfo_len))
+ return -EINVAL;
break;
case Opt_keyhandle:
res = strict_strtoul(args[0].from, 16, &handle);
@@ -791,12 +793,16 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
case Opt_keyauth:
if (strlen(args[0].from) != 2 * SHA1_DIGEST_SIZE)
return -EINVAL;
- hex2bin(opt->keyauth, args[0].from, SHA1_DIGEST_SIZE);
+ if (!hex2bin(opt->keyauth, args[0].from,
+ SHA1_DIGEST_SIZE))
+ return -EINVAL;
break;
case Opt_blobauth:
if (strlen(args[0].from) != 2 * SHA1_DIGEST_SIZE)
return -EINVAL;
- hex2bin(opt->blobauth, args[0].from, SHA1_DIGEST_SIZE);
+ if (!hex2bin(opt->blobauth, args[0].from,
+ SHA1_DIGEST_SIZE))
+ return -EINVAL;
break;
case Opt_migratable:
if (*args[0].from == '0')
@@ -860,7 +866,8 @@ static int datablob_parse(char *datablob, struct trusted_key_payload *p,
p->blob_len = strlen(c) / 2;
if (p->blob_len > MAX_BLOB_SIZE)
return -EINVAL;
- hex2bin(p->blob, c, p->blob_len);
+ if (!hex2bin(p->blob, c, p->blob_len))
+ return -EINVAL;
ret = getoptions(datablob, p, o);
if (ret < 0)
return ret;
--
1.7.3.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 3/3] encrypted-keys: check hex2bin result
2011-09-20 13:15 [PATCH 1/3] lib: add error checking to hex2bin Mimi Zohar
2011-09-20 13:15 ` [PATCH 2/3] trusted-keys: check hex2bin result Mimi Zohar
@ 2011-09-20 13:15 ` Mimi Zohar
1 sibling, 0 replies; 5+ messages in thread
From: Mimi Zohar @ 2011-09-20 13:15 UTC (permalink / raw)
To: linux-security-module
Cc: Tetsuo Handa, linux-kernel, Andrew Morton, Andy Shevchenko,
Tetsuo Handa, James Morris, David Safford, Mimi Zohar
From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
For each hex2bin call in encrypted keys, check that the ascii hex string
is valid. On failure, return -EINVAL.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
---
security/keys/encrypted-keys/encrypted.c | 11 ++++++++---
1 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c
index 3f57795..cd654d9 100644
--- a/security/keys/encrypted-keys/encrypted.c
+++ b/security/keys/encrypted-keys/encrypted.c
@@ -667,11 +667,16 @@ static int encrypted_key_decrypt(struct encrypted_key_payload *epayload,
return -EINVAL;
hex_encoded_data = hex_encoded_iv + (2 * ivsize) + 2;
- hex2bin(epayload->iv, hex_encoded_iv, ivsize);
- hex2bin(epayload->encrypted_data, hex_encoded_data, encrypted_datalen);
+ if (!hex2bin(epayload->iv, hex_encoded_iv, ivsize))
+ return -EINVAL;
+ if (!hex2bin(epayload->encrypted_data, hex_encoded_data,
+ encrypted_datalen))
+ return -EINVAL;
hmac = epayload->format + epayload->datablob_len;
- hex2bin(hmac, hex_encoded_data + (encrypted_datalen * 2), HASH_SIZE);
+ if (!hex2bin(hmac, hex_encoded_data + (encrypted_datalen * 2),
+ HASH_SIZE))
+ return -EINVAL;
mkey = request_master_key(epayload, &master_key, &master_keylen);
if (IS_ERR(mkey))
--
1.7.3.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH 2/3] trusted-keys: check hex2bin result
2011-09-20 13:15 ` [PATCH 2/3] trusted-keys: check hex2bin result Mimi Zohar
@ 2011-09-20 13:57 ` Andy Shevchenko
2011-09-20 14:12 ` Mimi Zohar
0 siblings, 1 reply; 5+ messages in thread
From: Andy Shevchenko @ 2011-09-20 13:57 UTC (permalink / raw)
To: Mimi Zohar
Cc: linux-security-module, Tetsuo Handa, linux-kernel, Andrew Morton,
James Morris, David Safford
On Tue, Sep 20, 2011 at 4:15 PM, Mimi Zohar <zohar@linux.vnet.ibm.com> wrote:
> From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
>
> For each hex2bin call in trusted keys, check that the ascii hex string is
> valid. On failure, return -EINVAL.
>
> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
> ---
> security/keys/trusted.c | 15 +++++++++++----
> 1 files changed, 11 insertions(+), 4 deletions(-)
>
> diff --git a/security/keys/trusted.c b/security/keys/trusted.c
> index 0c33e2e..9b847e1 100644
> --- a/security/keys/trusted.c
> +++ b/security/keys/trusted.c
> @@ -779,7 +779,9 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
> opt->pcrinfo_len = strlen(args[0].from) / 2;
> if (opt->pcrinfo_len > MAX_PCRINFO_SIZE)
> return -EINVAL;
> - hex2bin(opt->pcrinfo, args[0].from, opt->pcrinfo_len);
> + if (!hex2bin(opt->pcrinfo, args[0].from,
> + opt->pcrinfo_len))
> + return -EINVAL;
if (hex2bin(...) < 0)
Everywhere in Patch 2 and 3.
--
With Best Regards,
Andy Shevchenko
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH 2/3] trusted-keys: check hex2bin result
2011-09-20 13:57 ` Andy Shevchenko
@ 2011-09-20 14:12 ` Mimi Zohar
0 siblings, 0 replies; 5+ messages in thread
From: Mimi Zohar @ 2011-09-20 14:12 UTC (permalink / raw)
To: Andy Shevchenko
Cc: linux-security-module, Tetsuo Handa, linux-kernel, Andrew Morton,
James Morris, David Safford
On Tue, 2011-09-20 at 16:57 +0300, Andy Shevchenko wrote:
> On Tue, Sep 20, 2011 at 4:15 PM, Mimi Zohar <zohar@linux.vnet.ibm.com> wrote:
> > From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
> >
> > For each hex2bin call in trusted keys, check that the ascii hex string is
> > valid. On failure, return -EINVAL.
> >
> > Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
> > Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
> > ---
> > security/keys/trusted.c | 15 +++++++++++----
> > 1 files changed, 11 insertions(+), 4 deletions(-)
> >
> > diff --git a/security/keys/trusted.c b/security/keys/trusted.c
> > index 0c33e2e..9b847e1 100644
> > --- a/security/keys/trusted.c
> > +++ b/security/keys/trusted.c
> > @@ -779,7 +779,9 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
> > opt->pcrinfo_len = strlen(args[0].from) / 2;
> > if (opt->pcrinfo_len > MAX_PCRINFO_SIZE)
> > return -EINVAL;
> > - hex2bin(opt->pcrinfo, args[0].from, opt->pcrinfo_len);
> > + if (!hex2bin(opt->pcrinfo, args[0].from,
> > + opt->pcrinfo_len))
> > + return -EINVAL;
> if (hex2bin(...) < 0)
>
> Everywhere in Patch 2 and 3.
thanks,
Mimi
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2011-09-20 14:25 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-09-20 13:15 [PATCH 1/3] lib: add error checking to hex2bin Mimi Zohar
2011-09-20 13:15 ` [PATCH 2/3] trusted-keys: check hex2bin result Mimi Zohar
2011-09-20 13:57 ` Andy Shevchenko
2011-09-20 14:12 ` Mimi Zohar
2011-09-20 13:15 ` [PATCH 3/3] encrypted-keys: " Mimi Zohar
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.