# git rev-parse -q --verify 0aa171e9b267ce7c52d3a3df7bc9c1fc0203dec5^{commit} 0aa171e9b267ce7c52d3a3df7bc9c1fc0203dec5 already have revision, skipping fetch # git checkout -q -f -B kisskb 0aa171e9b267ce7c52d3a3df7bc9c1fc0203dec5 # git clean -qxdf # < git log -1 # commit 0aa171e9b267ce7c52d3a3df7bc9c1fc0203dec5 # Author: Ard Biesheuvel # Date: Sat Jan 2 14:59:09 2021 +0100 # # crypto: ecdh - avoid buffer overflow in ecdh_set_secret() # # Pavel reports that commit 17858b140bf4 ("crypto: ecdh - avoid unaligned # accesses in ecdh_set_secret()") fixes one problem but introduces another: # the unconditional memcpy() introduced by that commit may overflow the # target buffer if the source data is invalid, which could be the result of # intentional tampering. # # So check params.key_size explicitly against the size of the target buffer # before validating the key further. # # Fixes: 17858b140bf4 ("crypto: ecdh - avoid unaligned accesses in ecdh_set_secret()") # Reported-by: Pavel Machek # Cc: # Signed-off-by: Ard Biesheuvel # Signed-off-by: Herbert Xu # < /opt/cross/kisskb/korg/gcc-4.9.4-nolibc/powerpc64-linux/bin/powerpc64-linux-gcc --version # < /opt/cross/kisskb/korg/gcc-4.9.4-nolibc/powerpc64-linux/bin/powerpc64-linux-ld --version # < git log --format=%s --max-count=1 0aa171e9b267ce7c52d3a3df7bc9c1fc0203dec5 # < make -s -j 120 ARCH=powerpc O=/kisskb/build/crypto_ppc64e_defconfig_powerpc-gcc4.9 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-4.9.4-nolibc/powerpc64-linux/bin/powerpc64-linux- ppc64e_defconfig # < make -s -j 120 ARCH=powerpc O=/kisskb/build/crypto_ppc64e_defconfig_powerpc-gcc4.9 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-4.9.4-nolibc/powerpc64-linux/bin/powerpc64-linux- help # make -s -j 120 ARCH=powerpc O=/kisskb/build/crypto_ppc64e_defconfig_powerpc-gcc4.9 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-4.9.4-nolibc/powerpc64-linux/bin/powerpc64-linux- olddefconfig # make -s -j 120 ARCH=powerpc O=/kisskb/build/crypto_ppc64e_defconfig_powerpc-gcc4.9 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-4.9.4-nolibc/powerpc64-linux/bin/powerpc64-linux- INFO: Uncompressed kernel (size 0xd26134) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0xe00000) Image Name: Linux-5.11.0-rc1-g0aa171e9b267 Created: Sun Jan 3 09:49:01 2021 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 5322489 Bytes = 5197.74 KiB = 5.08 MiB Load Address: 00000000 Entry Point: 00000000 Completed OK # rm -rf /kisskb/build/crypto_ppc64e_defconfig_powerpc-gcc4.9 # Build took: 0:01:13.832288