Re: [systemd-devel] [PATCH] ask-password: prevent buffer overrow when reading from keyring

2019-05-14 Thread Lennart Poettering
On Mo, 13.05.19 16:58, Thadeu Lima de Souza Cascardo (casca...@canonical.com) wrote: > When we read from keyring, a temporary buffer is allocated in order to > determine the size needed for the entire data. However, when zeroing that > area, > we use the data size returned by the read instead

Re: [systemd-devel] [PATCH] ask-password: prevent buffer overrow when reading from keyring

2019-05-13 Thread systemd github import bot
Patchset imported to github. To create a pull request, one of the main developers has to initiate one via: -- Generated by https://github.com/haraldh/mail2git

[systemd-devel] [PATCH] ask-password: prevent buffer overrow when reading from keyring

2019-05-13 Thread Thadeu Lima de Souza Cascardo
When we read from keyring, a temporary buffer is allocated in order to determine the size needed for the entire data. However, when zeroing that area, we use the data size returned by the read instead of the lesser size allocate for the buffer. That will cause memory corruption that causes