Module Name: src Committed By: riastradh Date: Sun May 22 11:35:05 UTC 2022
Modified Files: src/sys/dev/pci: ubsec.c Log Message: ubsec(4): Assert crp_sid is valid. If opencrypto passes a bad sid in, that's a bug in opencrypto that needs to be fixed, not a user-triggered invalid input that we need to fail gracefully on. To generate a diff of this commit: cvs rdiff -u -r1.55 -r1.56 src/sys/dev/pci/ubsec.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/dev/pci/ubsec.c diff -u src/sys/dev/pci/ubsec.c:1.55 src/sys/dev/pci/ubsec.c:1.56 --- src/sys/dev/pci/ubsec.c:1.55 Sun May 22 11:30:58 2022 +++ src/sys/dev/pci/ubsec.c Sun May 22 11:35:05 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: ubsec.c,v 1.55 2022/05/22 11:30:58 riastradh Exp $ */ +/* $NetBSD: ubsec.c,v 1.56 2022/05/22 11:35:05 riastradh Exp $ */ /* $FreeBSD: src/sys/dev/ubsec/ubsec.c,v 1.6.2.6 2003/01/23 21:06:43 sam Exp $ */ /* $OpenBSD: ubsec.c,v 1.143 2009/03/27 13:31:30 reyk Exp$ */ @@ -35,7 +35,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: ubsec.c,v 1.55 2022/05/22 11:30:58 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ubsec.c,v 1.56 2022/05/22 11:35:05 riastradh Exp $"); #undef UBSEC_DEBUG @@ -1158,10 +1158,9 @@ ubsec_process(void *arg, struct cryptop u_int16_t flags = 0; int ivlen = 0, keylen = 0; - if (UBSEC_SESSION(crp->crp_sid) >= sc->sc_nsessions) { - ubsecstats.hst_badsession++; - return (EINVAL); - } + KASSERTMSG(UBSEC_SESSION(crp->crp_sid) < sc->sc_nsessions, + "invalid session id 0x%"PRIx64", nsessions=%d", + crp->crp_sid, sc->sc_nsessions); mutex_spin_enter(&sc->sc_mtx);