Am Mittwoch, 11. Juli 2018, 05:59:05 CEST schrieb Eric Biggers: Hi Eric,
> From: Eric Biggers <ebigg...@google.com> > > It was forgotten to increase DH_KPP_SECRET_MIN_SIZE to include 'q_size', > causing an out-of-bounds write of 4 bytes in crypto_dh_encode_key(), and > an out-of-bounds read of 4 bytes in crypto_dh_decode_key(). Fix it. > Also add a BUG_ON() if crypto_dh_encode_key() doesn't exactly fill the > buffer, as that would have found this bug without resorting to KASAN. > > Reported-by: syzbot+6d38d558c25b53b8f...@syzkaller.appspotmail.com > Fixes: e3fe0ae12962 ("crypto: dh - add public key verification test") > Signed-off-by: Eric Biggers <ebigg...@google.com> Thanks. Reviewed-by: Stephan Müller <smuel...@chronox.de> Ciao Stephan