redonkable
/
remarkable-linux
1
0
Fork 0
Code Releases Activity
remarkable-linux/security
History
Eric Biggers 28e7c9a8e5 KEYS: reject NULL restriction string when type is specified 
commit 18026d8668 upstream.

keyctl_restrict_keyring() allows through a NULL restriction when the
"type" is non-NULL, which causes a NULL pointer dereference in
asymmetric_lookup_restriction() when it calls strcmp() on the
restriction string.

But no key types actually use a "NULL restriction" to mean anything, so
update keyctl_restrict_keyring() to reject it with EINVAL.

Reported-by: syzbot <syzkaller@googlegroups.com>
Fixes: 97d3aa0f31 ("KEYS: Add a lookup_restriction function for the asymmetric key type")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2017-12-14 09:52:53 +01:00
..
apparmor apparmor: fix oops in audit_signal_cb hook 2017-12-05 11:26:31 +01:00
integrity ima: fix hash algorithm initialization 2017-12-10 13:40:38 +01:00
keys KEYS: reject NULL restriction string when type is specified 2017-12-14 09:52:53 +01:00
loadpin security: mark LSM hooks as __ro_after_init 2017-03-06 11:00:15 +11:00
selinux License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
smack lsm: fix smack_inode_removexattr and xattr_getsecurity memleak 2017-10-04 18:03:15 +11:00
tomoyo License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
yama doc: ReSTify Yama.txt 2017-05-18 10:33:04 -06:00
Kconfig include/linux/string.h: add the option of fortified string.h functions 2017-07-12 16:26:03 -07:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
commoncap.c commoncap: move assignment of fs_ns to avoid null pointer dereference 2017-10-19 13:09:33 +11:00
device_cgroup.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
inode.c securityfs: add the ability to support symlinks 2017-06-08 12:51:43 -07:00
lsm_audit.c lsm_audit: update my email address 2017-08-17 15:33:39 -04:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c selinux/stable-4.14 PR 20170831 2017-09-12 13:21:00 -07:00