crypto: sanitize argument for format string

The template lookup interface does not provide a way to use format strings, so make sure that the interface cannot be abused accidentally. Signed-off-by: Kees Cook <keescook@chromium.org> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

crypto: sanitize argument for format string
The template lookup interface does not provide a way to use format strings, so make sure that the interface cannot be abused accidentally. Signed-off-by: Kees Cook <keescook@chromium.org> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Kees Cook · Linus Torvalds
1 parent ffc8b30866
Showing 1 changed file with 2 additions and 1 deletions Side-by-side Diff
crypto/algapi.c
@@ -495,7 +495,8 @@
  
 struct crypto_template *crypto_lookup_template(const char *name)
 {
-	return try_then_request_module(__crypto_lookup_template(name), name);
+	return try_then_request_module(__crypto_lookup_template(name), "%s",
+				       name);
 }
 EXPORT_SYMBOL_GPL(crypto_lookup_template);
...	...	@@ -495,7 +495,8 @@
495	495
496	496	struct crypto_template crypto_lookup_template(const char name)
497	497	{
498		- return try_then_request_module(__crypto_lookup_template(name), name);
	498	+ return try_then_request_module(__crypto_lookup_template(name), "%s",
	499	+ name);
499	500	}
500	501	EXPORT_SYMBOL_GPL(crypto_lookup_template);
501	502