common/secret.c: don't pass uninitialized stack data to the kernel
ceph_unarmor() returns the number of bytes decoded, which can be (and
usually is) smaller than the size of the payload array.
set_kernel_secret() has behaved this way ever since it was introduced
in commit
bee85518e288 ("mount.ceph: Use kernel key management API when
possible."). The reason it didn't cause problems in the kernel is that
the encoding includes the actual length of the secret and there is no
check for the end of the supplied payload (see ceph_key_preparse() in
net/ceph/crypto.c).
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
projects / ceph.git / commit