aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGordon Tetlow <gordon@FreeBSD.org>2020-05-12 16:59:09 +0000
committerGordon Tetlow <gordon@FreeBSD.org>2020-05-12 16:59:09 +0000
commit928384869490921c8ed04dc2aa155cbca53eaefa (patch)
treeed995434e5813ba89489e4da910a89f580738d35
parent63e2b5084259befcc2f60a0967af6e677be16cb4 (diff)
downloadsrc-928384869490921c8ed04dc2aa155cbca53eaefa.tar.gz
src-928384869490921c8ed04dc2aa155cbca53eaefa.zip
Fix insufficient cryptodev MAC key length check.
Approved by: so Security: FreeBSD-SA-20:16.cryptodev Security: CVE-2019-15880
Notes
Notes: svn path=/releng/12.1/; revision=360977
-rw-r--r--sys/opencrypto/cryptodev.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/opencrypto/cryptodev.c b/sys/opencrypto/cryptodev.c
index 8feee00b7a83..ff8455528db8 100644
--- a/sys/opencrypto/cryptodev.c
+++ b/sys/opencrypto/cryptodev.c
@@ -602,8 +602,8 @@ cryptof_ioctl(
if (thash) {
cria.cri_alg = thash->type;
cria.cri_klen = sop->mackeylen * 8;
- if (thash->keysize != 0 &&
- sop->mackeylen > thash->keysize) {
+ if (sop->mackeylen > thash->keysize ||
+ sop->mackeylen < 0) {
CRYPTDEB("invalid mac key length");
error = EINVAL;
SDT_PROBE1(opencrypto, dev, ioctl, error,