author | Ondrej Mosnáček <omosnace@redhat.com> | 2018-06-13 10:44:17 -0400 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2018-06-15 11:06:48 -0400 |
commit | a81ae8095712d1513fe8d58527c92c439b43233e (patch) | |
tree | ba5545a359bc33638ace2a1468f4b3c8d5d53d70 /crypto/morus640.c | |
parent | f044a84e040b85cd609851ac88ae8b54b2cc0b75 (diff) |
crypto: morus640 - Fix out-of-bounds access
We must load the block from the temporary variable here, not directly
from the input.
Also add forgotten zeroing-out of the uninitialized part of the
temporary block (as is done correctly in morus1280.c).
Fixes: 396be41f16fd ("crypto: morus - Add generic MORUS AEAD implementations")
Reported-by: syzbot+1fafa9c4cf42df33f716@syzkaller.appspotmail.com
Reported-by: syzbot+d82643ba80bf6937cd44@syzkaller.appspotmail.com
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/morus640.c')
-rw-r--r-- | crypto/morus640.c | 3 |
1 files changed, 2 insertions, 1 deletions
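--- a/crypto/morus640.c
+++ b/crypto/morus640.c
@@ -274,8 +274,9 @@ static void crypto_morus640_decrypt_chunk(struct morus640_state *state, u8 *dst,
 union morus640_block_in tail;
 
 memcpy(tail.bytes, src, size);
+memset(tail.bytes + size, 0, MORUS640_BLOCK_SIZE - size);
 
-crypto_morus640_load_a(&m, src);
+crypto_morus640_load_a(&m, tail.bytes);
 crypto_morus640_core(state, &m);
 crypto_morus640_store_a(tail.bytes, &m);
 memset(tail.bytes + size, 0, MORUS640_BLOCK_SIZE - size);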
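Review bot: The two identical `memset(tail.bytes + size, 0, MORUS640_BLOCK_SIZE - size);` calls in the tail branch of crypto_morus640_decrypt_chunk serve different purposes and neither is commented, so a later cleanup could drop one as a duplicate and bring back the use of uninitialized stack bytes. I would add `/* zero-pad the partial ciphertext block; load_a must never read from src here */` above the first and `/* clear the bytes past size again after store_a rewrote tail */` above the second. Both calls also rely on `size < MORUS640_BLOCK_SIZE`, which is presumably guaranteed by code outside this hunk. The function body starts and ends outside the hunk, so that bound should be confirmed there.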