zhenwei pi 9d38a84347 virtio-crypto: verify src&dst buffer length for sym request ... For symmetric algorithms, the length of ciphertext must be as same as the plaintext. The missing verification of the src_len and the dst_len in virtio_crypto_sym_op_helper() may lead buffer overflow/divulged. This patch is originally written by Yiming Tao for QEMU-SECURITY, resend it(a few changes of error message) in qemu-devel. Fixes: CVE-2023-3180 Fixes: 04b9b37edda("virtio-crypto: add data queue processing handler") Cc: Gonglei <arei.gonglei@huawei.com> Cc: Mauro Matteo Cascella <mcascell@redhat.com> Cc: Yiming Tao <taoym@zju.edu.cn> Signed-off-by: zhenwei pi <pizhenwei@bytedance.com> Message-Id: <20230803024314.29962-2-pizhenwei@bytedance.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>		2023-08-03 16:16:17 -04:00
..
Kconfig
meson.build
trace-events
trace.h
vdpa-dev-pci.c
vdpa-dev.c
vhost-backend.c
vhost-iova-tree.c
vhost-iova-tree.h
vhost-scsi-pci.c
vhost-shadow-virtqueue.c
vhost-shadow-virtqueue.h
vhost-stub.c
vhost-user-blk-pci.c
vhost-user-fs-pci.c
vhost-user-fs.c
vhost-user-gpio-pci.c
vhost-user-gpio.c
vhost-user-i2c-pci.c
vhost-user-i2c.c
vhost-user-input-pci.c
vhost-user-rng-pci.c
vhost-user-rng.c
vhost-user-scmi-pci.c
vhost-user-scmi.c
vhost-user-scsi-pci.c
vhost-user-vsock-pci.c
vhost-user-vsock.c
vhost-user.c
vhost-vdpa.c
vhost-vsock-common.c
vhost-vsock-pci.c
vhost-vsock.c
vhost.c
virtio-9p-pci.c
virtio-balloon-pci.c
virtio-balloon.c
virtio-blk-pci.c
virtio-bus.c
virtio-config-io.c
virtio-crypto-pci.c
virtio-crypto.c	virtio-crypto: verify src&dst buffer length for sym request	2023-08-03 16:16:17 -04:00
virtio-hmp-cmds.c
virtio-input-host-pci.c
virtio-input-pci.c
virtio-iommu-pci.c
virtio-iommu.c
virtio-md-pci.c
virtio-mem-pci.c
virtio-mem-pci.h
virtio-mem.c
virtio-mmio.c
virtio-net-pci.c
virtio-pci.c
virtio-pmem-pci.c
virtio-pmem-pci.h
virtio-pmem.c
virtio-qmp.c
virtio-qmp.h
virtio-rng-pci.c
virtio-rng.c
virtio-scsi-pci.c
virtio-serial-pci.c
virtio-stub.c
virtio.c