diff options
author | delphij <delphij@FreeBSD.org> | 2013-11-05 19:58:40 +0000 |
---|---|---|
committer | delphij <delphij@FreeBSD.org> | 2013-11-05 19:58:40 +0000 |
commit | 5b5f66ad93249a89d38204b30c5c2a557f1b0e06 (patch) | |
tree | 496c969eb247fb35bdb824ce331cd30aa59ebbc1 /sys | |
parent | 76e64e88a61d81b3667d049cb17dda24961289b3 (diff) | |
download | FreeBSD-src-5b5f66ad93249a89d38204b30c5c2a557f1b0e06.zip FreeBSD-src-5b5f66ad93249a89d38204b30c5c2a557f1b0e06.tar.gz |
MFC r257539:
When zero'ing out a buffer, make sure we are using right size.
Without this change, in the worst but unlikely case scenario, certain
administrative operations, including change of configuration, set or
delete key from a GEOM ELI provider, may leave potentially sensitive
information in buffer allocated from kernel memory.
We believe that it is not possible to actively exploit these issues, nor
does it impact the security of normal usage of GEOM ELI providers when
these operations are not performed after system boot.
Security: possible sensitive information disclosure
Submitted by: Clement Lecigne <clecigne google com>
Approved by: re (glebius)
Diffstat (limited to 'sys')
-rw-r--r-- | sys/geom/eli/g_eli_ctl.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/sys/geom/eli/g_eli_ctl.c b/sys/geom/eli/g_eli_ctl.c index 520d237..59aff9b 100644 --- a/sys/geom/eli/g_eli_ctl.c +++ b/sys/geom/eli/g_eli_ctl.c @@ -471,7 +471,7 @@ g_eli_ctl_configure(struct gctl_req *req, struct g_class *mp) prov, error); } bzero(&md, sizeof(md)); - bzero(sector, sizeof(sector)); + bzero(sector, pp->sectorsize); free(sector, M_ELI); } } @@ -562,7 +562,7 @@ g_eli_ctl_setkey(struct gctl_req *req, struct g_class *mp) /* Encrypt Master Key with the new key. */ error = g_eli_mkey_encrypt(md.md_ealgo, key, md.md_keylen, mkeydst); - bzero(key, sizeof(key)); + bzero(key, keysize); if (error != 0) { bzero(&md, sizeof(md)); gctl_error(req, "Cannot encrypt Master Key (error=%d).", error); @@ -575,7 +575,7 @@ g_eli_ctl_setkey(struct gctl_req *req, struct g_class *mp) bzero(&md, sizeof(md)); error = g_write_data(cp, pp->mediasize - pp->sectorsize, sector, pp->sectorsize); - bzero(sector, sizeof(sector)); + bzero(sector, pp->sectorsize); free(sector, M_ELI); if (error != 0) { gctl_error(req, "Cannot store metadata on %s (error=%d).", @@ -691,7 +691,7 @@ g_eli_ctl_delkey(struct gctl_req *req, struct g_class *mp) (void)g_io_flush(cp); } bzero(&md, sizeof(md)); - bzero(sector, sizeof(sector)); + bzero(sector, pp->sectorsize); free(sector, M_ELI); if (*all) G_ELI_DEBUG(1, "All keys removed from %s.", pp->name); |