Searched hist:a637243270fc1faae16de059091795c32d86e65e (Results 1 – 1 of 1) sorted by relevance
| /optee_os/core/tee/ |
| H A D | tee_svc_cryp.c | a637243270fc1faae16de059091795c32d86e65e Thu Sep 27 08:24:26 UTC 2018 Joakim Bech <joakim.bech@linaro.org> svc: check for allocation overflow in crypto calls
Without checking for overflow there is a risk of allocating a buffer
with size smaller than anticipated and as a consequence of that it might
lead to a heap based overflow with attacker controlled data written
outside the boundaries of the buffer.
Fixes: OP-TEE-2018-0010: "Integer overflow in crypto system calls (x2)"
Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Joakim Bech <joakim.bech@linaro.org> (QEMU v7, v8)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reported-by: Riscure <inforequest@riscure.com>
Reported-by: Alyssa Milburn <a.a.milburn@vu.nl>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|