Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / c27a3e4d667fdcad3db7b104f75659478e0c68d8
commitc27a3e4d667fdcad3db7b104f75659478e0c68d8[log] [tgz]
authorIlya Dryomov <ilya.dryomov@inktank.com>Tue Sep 09 19:39:15 2014 +0400
committerIlya Dryomov <ilya.dryomov@inktank.com>Wed Sep 10 20:08:36 2014 +0400
treee92bd4ec8ba94b9bf361c8df5f8d32f97b9f441c
parent597cda357716a3cf8d994cb11927af917c8d71fa [diff]
libceph: do not hard code max auth ticket len

We hard code cephx auth ticket buffer size to 256 bytes.  This isn't
enough for any moderate setups and, in case tickets themselves are not
encrypted, leads to buffer overflows (ceph_x_decrypt() errors out, but
ceph_decode_copy() doesn't - it's just a memcpy() wrapper).  Since the
buffer is allocated dynamically anyway, allocated it a bit later, at
the point where we know how much is going to be needed.

Fixes: http://tracker.ceph.com/issues/8979

Cc: stable@vger.kernel.org
Signed-off-by: Ilya Dryomov <ilya.dryomov@inktank.com>
Reviewed-by: Sage Weil <sage@redhat.com>
1 file changed
tree: e92bd4ec8ba94b9bf361c8df5f8d32f97b9f441c
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. Kconfig
  28. MAINTAINERS
  29. Makefile
  30. README
  31. REPORTING-BUGS