Date: Mon, 16 May 2016 07:12:04 +0000 (UTC) From: Andrew Rybchenko <arybchik@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r299911 - head/sys/dev/sfxge/common Message-ID: <201605160712.u4G7C4Q4075833@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: arybchik Date: Mon May 16 07:12:04 2016 New Revision: 299911 URL: https://svnweb.freebsd.org/changeset/base/299911 Log: sfxge(4): fix license validation check for V3 licenses Length consistency checks were failing for ECC hashes. Submitted by: Richard Houldsworth <rhouldsworth at solarflare.com> Sponsored by: Solarflare Communications, Inc. MFC after: 1 week Modified: head/sys/dev/sfxge/common/efx_lic.c Modified: head/sys/dev/sfxge/common/efx_lic.c ============================================================================== --- head/sys/dev/sfxge/common/efx_lic.c Mon May 16 07:00:49 2016 (r299910) +++ head/sys/dev/sfxge/common/efx_lic.c Mon May 16 07:12:04 2016 (r299911) @@ -1103,7 +1103,6 @@ fail1: /* V3 format uses Huntington TLV format partition. See SF-108797-SW */ #define EFX_LICENSE_V3_KEY_LENGTH_MIN (64) #define EFX_LICENSE_V3_KEY_LENGTH_MAX (160) -#define EFX_LICENSE_V3_HASH_LENGTH (64) __checkReturn efx_rc_t efx_lic_v3_find_start( @@ -1169,16 +1168,17 @@ efx_lic_v3_validate_key( goto fail1; } - key_type = ((uint8_t*)keyp)[0]; - key_length = ((uint8_t*)keyp)[1] + EFX_LICENSE_V3_HASH_LENGTH; - - if(key_length > EFX_LICENSE_V3_KEY_LENGTH_MAX) { + if (length > EFX_LICENSE_V3_KEY_LENGTH_MAX) { goto fail2; } + + key_type = ((uint8_t*)keyp)[0]; + key_length = ((uint8_t*)keyp)[1]; + if (key_type < 3) { goto fail3; } - if (key_length != length) { + if (key_length > length) { goto fail4; } return (B_TRUE);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201605160712.u4G7C4Q4075833>