Patch "crypto: sanitize argument for format string" has been added to the 3.10-stable tree

Thu, 11 Jul 2013 11:16:20 -0700 

This is a note to let you know that I've just added the patch titled

    crypto: sanitize argument for format string

to the 3.10-stable tree which can be found at:
    
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     crypto-sanitize-argument-for-format-string.patch
and it can be found in the queue-3.10 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <[email protected]> know about it.


>From 1c8fca1d92e14859159a82b8a380d220139b7344 Mon Sep 17 00:00:00 2001
From: Kees Cook <[email protected]>
Date: Wed, 3 Jul 2013 15:01:15 -0700
Subject: crypto: sanitize argument for format string

From: Kees Cook <[email protected]>

commit 1c8fca1d92e14859159a82b8a380d220139b7344 upstream.

The template lookup interface does not provide a way to use format
strings, so make sure that the interface cannot be abused accidentally.

Signed-off-by: Kees Cook <[email protected]>
Cc: Herbert Xu <[email protected]>
Cc: "David S. Miller" <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>

---
 crypto/algapi.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -495,7 +495,8 @@ static struct crypto_template *__crypto_
 
 struct crypto_template *crypto_lookup_template(const char *name)
 {
-       return try_then_request_module(__crypto_lookup_template(name), name);
+       return try_then_request_module(__crypto_lookup_template(name), "%s",
+                                      name);
 }
 EXPORT_SYMBOL_GPL(crypto_lookup_template);
 


Patches currently in stable-queue which might be from [email protected] are

queue-3.10/block-do-not-pass-disk-names-as-format-strings.patch
queue-3.10/charger-manager-ensure-event-is-not-used-as-format-string.patch
queue-3.10/crypto-sanitize-argument-for-format-string.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to