From 1ff296c1ae7c7f5a6883777c562d54f5cd83161a Mon Sep 17 00:00:00 2001 From: Ilya Dryomov Date: Mon, 30 Sep 2019 17:50:55 +0200 Subject: [PATCH] common/secret.c: don't pass uninitialized stack data to the kernel ceph_unarmor() returns the number of bytes decoded, which can be (and usually is) smaller than the size of the payload array. set_kernel_secret() has behaved this way ever since it was introduced in commit bee85518e288 ("mount.ceph: Use kernel key management API when possible."). The reason it didn't cause problems in the kernel is that the encoding includes the actual length of the secret and there is no check for the end of the supplied payload (see ceph_key_preparse() in net/ceph/crypto.c). Signed-off-by: Ilya Dryomov --- src/common/secret.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/common/secret.c b/src/common/secret.c index 83fcf10df51..8cfd2ec5df5 100644 --- a/src/common/secret.c +++ b/src/common/secret.c @@ -69,7 +69,7 @@ int set_kernel_secret(const char *secret, const char *key_name) return ret; } - serial = add_key("ceph", key_name, payload, sizeof(payload), KEY_SPEC_PROCESS_KEYRING); + serial = add_key("ceph", key_name, payload, ret, KEY_SPEC_PROCESS_KEYRING); if (serial == -1) { ret = -errno; }