Commit 1c8fca1d92e14859159a82b8a380d220139b7344
Committed by
Linus Torvalds
1 parent
ffc8b30866
Exists in
master
and in
20 other branches
crypto: sanitize argument for format string
The template lookup interface does not provide a way to use format strings, so make sure that the interface cannot be abused accidentally. Signed-off-by: Kees Cook <keescook@chromium.org> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: "David S. Miller" <davem@davemloft.net> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Showing 1 changed file with 2 additions and 1 deletions Side-by-side Diff
crypto/algapi.c
... | ... | @@ -495,7 +495,8 @@ |
495 | 495 | |
496 | 496 | struct crypto_template *crypto_lookup_template(const char *name) |
497 | 497 | { |
498 | - return try_then_request_module(__crypto_lookup_template(name), name); | |
498 | + return try_then_request_module(__crypto_lookup_template(name), "%s", | |
499 | + name); | |
499 | 500 | } |
500 | 501 | EXPORT_SYMBOL_GPL(crypto_lookup_template); |
501 | 502 |