diff options
author | Ilya Dryomov <ilya.dryomov@inktank.com> | 2014-09-09 19:39:15 +0400 |
---|---|---|
committer | Ilya Dryomov <ilya.dryomov@inktank.com> | 2014-09-10 20:08:36 +0400 |
commit | c27a3e4d667fdcad3db7b104f75659478e0c68d8 (patch) | |
tree | e92bd4ec8ba94b9bf361c8df5f8d32f97b9f441c /net/l2tp | |
parent | 597cda357716a3cf8d994cb11927af917c8d71fa (diff) |
libceph: do not hard code max auth ticket len
We hard code cephx auth ticket buffer size to 256 bytes. This isn't
enough for any moderate setups and, in case tickets themselves are not
encrypted, leads to buffer overflows (ceph_x_decrypt() errors out, but
ceph_decode_copy() doesn't - it's just a memcpy() wrapper). Since the
buffer is allocated dynamically anyway, allocated it a bit later, at
the point where we know how much is going to be needed.
Fixes: http://tracker.ceph.com/issues/8979
Cc: stable@vger.kernel.org
Signed-off-by: Ilya Dryomov <ilya.dryomov@inktank.com>
Reviewed-by: Sage Weil <sage@redhat.com>
Diffstat (limited to 'net/l2tp')
0 files changed, 0 insertions, 0 deletions