forked from luck/tmp_suning_uos_patched
a32a2d831d
[ Upstream commit 28096067686c5a5cbd4c35b079749bd805df5010 ] A review of the code showed, that this function which is exposed within the whole kernel should do a parameter check for the amount of bytes requested. If this requested bytes is too high an unsigned int overflow could happen causing this function to try to memcpy a really big memory chunk. This is not a security issue as there are only two invocations of this function from arch/s390/include/asm/archrandom.h and both are not exposed to userland. Reported-by: Sven Schnelle <svens@linux.ibm.com> Signed-off-by: Harald Freudenberger <freude@linux.ibm.com> Signed-off-by: Heiko Carstens <hca@linux.ibm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
---|---|---|
.. | ||
aes_s390.c | ||
arch_random.c | ||
crc32-vx.c | ||
crc32be-vx.S | ||
crc32le-vx.S | ||
des_s390.c | ||
ghash_s390.c | ||
Makefile | ||
paes_s390.c | ||
prng.c | ||
sha_common.c | ||
sha.h | ||
sha1_s390.c | ||
sha3_256_s390.c | ||
sha3_512_s390.c | ||
sha256_s390.c | ||
sha512_s390.c |