summaryrefslogtreecommitdiff
path: root/sys
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2001-06-16 10:46:04 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2001-06-16 10:46:04 +0000
commiteca94da42fa439e342762de08448a676905ece97 (patch)
tree04ca061caadb5a31cdd523c31c99ba799efeedcd /sys
parentd824eac8e0a2bb8d6dc523ed1cc3027a3e1e5420 (diff)
range check the enc & mac key lengths
Diffstat (limited to 'sys')
-rw-r--r--sys/crypto/cryptodev.c14
1 files changed, 11 insertions, 3 deletions
diff --git a/sys/crypto/cryptodev.c b/sys/crypto/cryptodev.c
index b541f7c9778..84fd5096177 100644
--- a/sys/crypto/cryptodev.c
+++ b/sys/crypto/cryptodev.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cryptodev.c,v 1.11 2001/06/15 09:14:46 deraadt Exp $ */
+/* $OpenBSD: cryptodev.c,v 1.12 2001/06/16 10:46:03 deraadt Exp $ */
/*
* Copyright (c) 2001 Theo de Raadt
@@ -201,7 +201,11 @@ cryptof_ioctl(fp, cmd, data, p)
if (txform) {
crie.cri_alg = txform->type;
- crie.cri_klen = sop->keylen * 8; /* XXX range check */
+ crie.cri_klen = sop->keylen * 8;
+ if (sop->keylen != txform->maxkey) {
+ error = EINVAL;
+ goto bail;
+ }
MALLOC(crie.cri_key, u_int8_t *,
crie.cri_klen / 8, M_XDATA, M_WAITOK);
@@ -214,7 +218,11 @@ cryptof_ioctl(fp, cmd, data, p)
if (thash) {
cria.cri_alg = thash->type;
- cria.cri_klen = sop->mackeylen * 8; /* XXX range check */
+ cria.cri_klen = sop->mackeylen * 8;
+ if (sop->mackeylen != thash->keysize) {
+ error = EINVAL;
+ goto bail;
+ }
MALLOC(cria.cri_key, u_int8_t *,
cria.cri_klen / 8, M_XDATA, M_WAITOK);
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-17 06:57:04 +0000