master

stavewucrypto: lzo - Fix compression buffer overrun

feb620ca创建于 2025年7月17日历史提交

文件	最后提交记录	最后更新时间
Makefile	crypto: lzo - Fix compression buffer overrun mainline inclusion from mainline-v6.15-rc1 commit cc47f07234f72cbd8e2c973cdbf2a6730660a463 category: bugfix issue: #ICLVPO CVE: CVE-2025-38068 Signed-off-by: Tengda Wu <wutengda2@huawei.com> --------------------------------------- Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the buffer length provided by the caller. Add a safe compression interface that checks for the end of buffer before each write. Use the safe interface in crypto/lzo. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Reviewed-by: David Sterba <dsterba@suse.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>	10 个月前
lzo1x_compress.c	crypto: lzo - Fix compression buffer overrun mainline inclusion from mainline-v6.15-rc1 commit cc47f07234f72cbd8e2c973cdbf2a6730660a463 category: bugfix issue: #ICLVPO CVE: CVE-2025-38068 Signed-off-by: Tengda Wu <wutengda2@huawei.com> --------------------------------------- Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the buffer length provided by the caller. Add a safe compression interface that checks for the end of buffer before each write. Use the safe interface in crypto/lzo. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Reviewed-by: David Sterba <dsterba@suse.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>	10 个月前
lzo1x_compress_safe.c	crypto: lzo - Fix compression buffer overrun mainline inclusion from mainline-v6.15-rc1 commit cc47f07234f72cbd8e2c973cdbf2a6730660a463 category: bugfix issue: #ICLVPO CVE: CVE-2025-38068 Signed-off-by: Tengda Wu <wutengda2@huawei.com> --------------------------------------- Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the buffer length provided by the caller. Add a safe compression interface that checks for the end of buffer before each write. Use the safe interface in crypto/lzo. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Reviewed-by: David Sterba <dsterba@suse.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>	10 个月前
lzo1x_decompress_safe.c	docs: move remaining stuff under Documentation/*.txt to Documentation/staging There are several files that I was unable to find a proper place for them, and 3 ones that are still in plain old text format. Let's place those stuff behind the carpet, as we'd like to keep the root directory clean. We can later discuss and move those into better places. Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org> Link: https://lore.kernel.org/r/11bd0d75e65a874f7c276a0aeab0fe13f3376f5f.1592203650.git.mchehab+huawei@kernel.org Signed-off-by: Jonathan Corbet <corbet@lwn.net>	5 年前
lzodefs.h	lib/lzo: separate lzo-rle from lzo To prevent any issues with persistent data, separate lzo-rle from lzo so that it is treated as a separate algorithm, and lzo is still available. Link: http://lkml.kernel.org/r/20190205155944.16007-3-dave.rodgman@arm.com Signed-off-by: Dave Rodgman <dave.rodgman@arm.com> Cc: David S. Miller <davem@davemloft.net> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Markus F.X.J. Oberhumer <markus@oberhumer.com> Cc: Matt Sealey <matt.sealey@arm.com> Cc: Minchan Kim <minchan@kernel.org> Cc: Nitin Gupta <nitingupta910@gmail.com> Cc: Richard Purdie <rpurdie@openedhand.com> Cc: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com> Cc: Sonny Rao <sonnyrao@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	7 年前