Source-Changes-HG archive
[src/trunk]: src/sys/opencrypto No change. Forced commit to record commit mes...
details: https://anonhg.NetBSD.org/src/rev/d6c88f178e7e
branches: trunk
changeset: 583788:d6c88f178e7e
user: jonathan <jonathan%NetBSD.org@localhost>
date: Mon Aug 22 23:11:47 2005 +0000
description:
No change. Forced commit to record commit message for previous revision, viz:
Fix vulnerability to a denial-of-service attack which passes a
length-0 crypto op. Check for zero length and return EINVAL, taken from:
http://cvsweb.FreeBSD.org/src/sys/opencrypto/cryptodev.c.diff?r1=1.25&r2=1.26
Original FreeBSD log message:
Modified files:
sys/opencrypto cryptodev.c
Log:
Fix bogus check. It was possible to panic the kernel by giving 0 length.
This is actually a local DoS, as every user can use /dev/crypto if there
is crypto hardware in the system and cryptodev.ko is loaded (or compiled
into the kernel).
Reported by: Mike Tancsa <mike%sentex.net@localhost>
thanks to Sam Leffler for passing on a heads-up about this issue.
diffstat:
sys/opencrypto/cryptodev.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diffs (18 lines):
diff -r 10ac4909a944 -r d6c88f178e7e sys/opencrypto/cryptodev.c
--- a/sys/opencrypto/cryptodev.c Mon Aug 22 23:06:34 2005 +0000
+++ b/sys/opencrypto/cryptodev.c Mon Aug 22 23:11:47 2005 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cryptodev.c,v 1.13 2005/08/22 23:06:34 jonathan Exp $ */
+/* $NetBSD: cryptodev.c,v 1.14 2005/08/22 23:11:47 jonathan Exp $ */
/* $FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.4.2.4 2003/06/03 00:09:02 sam Exp $ */
/* $OpenBSD: cryptodev.c,v 1.53 2002/07/10 22:21:30 mickey Exp $ */
@@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.13 2005/08/22 23:06:34 jonathan Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cryptodev.c,v 1.14 2005/08/22 23:11:47 jonathan Exp $");
#include <sys/param.h>
#include <sys/systm.h>
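Review bot: the commit message should name the revision that carries the fix, because the __KERNEL_RCSID change in this hunk (1.13 to 1.14), like the $NetBSD$ ident change in the first hunk, is the only change visible, and the zero-length check returning EINVAL does not appear in this diff. Citing revision 1.13, which the removed ident line identifies as the previous revision, would let anyone auditing the denial-of-service fix go straight to the change that added the check.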