On Mo, 13.05.19 16:58, Thadeu Lima de Souza Cascardo (casca...@canonical.com) 
wrote:

> When we read from keyring, a temporary buffer is allocated in order to
> determine the size needed for the entire data. However, when zeroing that 
> area,
> we use the data size returned by the read instead of the lesser size allocate
> for the buffer.
>
> That will cause memory corruption that causes systemd-cryptsetup to crash
> either when a single large password is used or when multiple passwords have
> already been pushed to the keyring.
>
> Signed-off-by: Thadeu Lima de Souza Cascardo
> <casca...@canonical.com>

Converted to a github PR:

https://github.com/systemd/systemd/pull/12566

Looks great! Thanks!

Lennart

--
Lennart Poettering, Berlin
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Reply via email to