svc: check for allocation overflow in syscall_cryp_obj_populate
Without checking for overflow there is a risk of allocating a buffer with size smaller than anticipated and as a consequence of that it might lead to a heap based overflow with attacker controlled data written outside the boundaries of the buffer.

Fixes: OP-TEE-2018-0009: "Integer overflow in crypto system calls"

Signed-off-by: Joakim Bech <email@example.com>
Tested-by: Joakim Bech <firstname.lastname@example.org> (QEMU v7, v8)
Reviewed-by: Jens Wiklander <email@example.com>
Reported-by: Riscure <firstname.lastname@example.org>
Reported-by: Alyssa Milburn <email@example.com>
Acked-by: Etienne Carriere <firstname.lastname@example.org>
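The class of bug the commit message describes, as an added example that is not OP-TEE's code and not taken from this commit: an element count multiplied by a record size wraps around, so the allocation is smaller than the data later copied into it. The `struct attr` type and all function names are hypothetical, and `__builtin_mul_overflow` is assumed to be available (GCC or Clang).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical record type standing in for a caller-supplied attribute. */
struct attr {
    uint32_t id;
    uint64_t a;
    uint64_t b;
};

/* Smallest element count whose byte size no longer fits in size_t. */
static size_t wrapping_count(void)
{
    return SIZE_MAX / sizeof(struct attr) + 1;
}

/* Unchecked form: the product silently wraps modulo SIZE_MAX + 1. */
static size_t alloc_size_unchecked(size_t count)
{
    return sizeof(struct attr) * count;
}

/* Checked form: 0 and *out set on success, -1 if the product overflows. */
static int alloc_size_checked(size_t count, size_t *out)
{
    /* GCC/Clang builtin; returns true when the result does not fit. */
    return __builtin_mul_overflow(sizeof(struct attr), count, out) ? -1 : 0;
}

/* Allocate `count` zeroed records; NULL on overflow or out of memory. */
static struct attr *alloc_attrs(size_t count)
{
    size_t size = 0;

    if (alloc_size_checked(count, &size))
        return NULL; /* reject before the allocator sees a wrapped size */
    return calloc(1, size);
}

int main(void)
{
    size_t n = wrapping_count();

    printf("count=%zu unchecked size=%zu checked=%s\n", n,
           alloc_size_unchecked(n), alloc_attrs(n) ? "allocated" : "rejected");
    return 0;
}
```

With the unchecked size, a count large enough to wrap yields a buffer smaller than a single record, while the checked path refuses the request before any allocation happens.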