[systemd-devel] [PATCH] ask-password: prevent buffer overrow when reading from keyring
Lennart Poettering
lennart at poettering.net
Tue May 14 14:22:52 UTC 2019
On Mo, 13.05.19 16:58, Thadeu Lima de Souza Cascardo (cascardo at canonical.com) wrote:
> When we read from keyring, a temporary buffer is allocated in order to
> determine the size needed for the entire data. However, when zeroing that area,
> we use the data size returned by the read instead of the lesser size allocate
> for the buffer.
>
> That will cause memory corruption that causes systemd-cryptsetup to crash
> either when a single large password is used or when multiple passwords have
> already been pushed to the keyring.
>
> Signed-off-by: Thadeu Lima de Souza Cascardo
> <cascardo at canonical.com>
Converted to a github PR:
https://github.com/systemd/systemd/pull/12566
Looks great! Thanks!
Lennart
--
Lennart Poettering, Berlin
More information about the systemd-devel
mailing list