Hi Linus:
This push fixes a bug in pkcs7_validate_trust and its users where
the output value may in fact be taken from uninitialised memory.
Please pull from
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus
Nicolai Stange (1):
PKCS#7: pkcs7_validate_trust(): in
Tadeusz Struk wrote:
> + keyring = request_key(&key_type_asymmetric, key_name, NULL);
> +
> + err = -ENOKEY;
> + if (IS_ERR(keyring))
> + goto out;
> +
> + pkey = keyring->payload.data[asym_crypto];
NAK. This is liable to crash in future. You may not assume that you
Hi David,
On 03/30/2016 09:31 AM, David Howells wrote:
>> +keyring = request_key(&key_type_asymmetric, key_name, NULL);
>> > +
>> > + err = -ENOKEY;
>> > + if (IS_ERR(keyring))
>> > + goto out;
>> > +
>> > + pkey = keyring->payload.data[asym_crypto];
> NAK. This is liable to crash
> Tadeusz Struk wrote:
>
>> +keyring = request_key(&key_type_asymmetric, key_name, NULL);
>> +
>> +err = -ENOKEY;
>> +if (IS_ERR(keyring))
>> +goto out;
>> +
>> +pkey = keyring->payload.data[asym_crypto];
>
> NAK. This is liable to crash in future. You may not assume
> Tadeusz Struk wrote:
>
>> +keyring = request_key(&key_type_asymmetric, key_name, NULL);
>> +
>> +err = -ENOKEY;
>> +if (IS_ERR(keyring))
>> +goto out;
>> +
>> +pkey = keyring->payload.data[asym_crypto];
>
> NAK. This is liable to crash in future. You may not assume
I've tested this patch in our scenario and I can confirm that it still
fixes all of our issues.
On 22/03/16 23:53, Steffen Klassert wrote:
> On Tue, Mar 15, 2016 at 01:28:01PM +0100, Steffen Klassert wrote:
>> On Mon, Mar 14, 2016 at 09:52:05PM +, Mark McKinstry wrote:
>>> Your patch adds a d
