crypto: lrw - Fix out-of bounds access on counter overflow

When the LRW block counter overflows, the current implementation returns 128 as the index to the precomputed multiplication table, which has 128 entries. This patch fixes it to return the correct value (127). Fixes: 64470f1b ("[CRYPTO] lrw: Liskov Rivest Wagner, a tweakable narrow block cipher mode") Cc: <stable@vger.kernel.org> # 2.6.20+ Reported-by: N Eric Biggers <ebiggers@kernel.org> Signed-off-by: N Ondrej Mosnacek <omosnace@redhat.com> Signed-off-by: N Herbert Xu <herbert@gondor.apana.org.au>

crypto: lrw - Fix out-of bounds access on counter overflow
When the LRW block counter overflows, the current implementation returns 128 as the index to the precomputed multiplication table, which has 128 entries. This patch fixes it to return the correct value (127). Fixes: 64470f1b ("[CRYPTO] lrw: Liskov Rivest Wagner, a tweakable narrow block cipher mode") Cc: <stable@vger.kernel.org> # 2.6.20+ Reported-by: N Eric Biggers <ebiggers@kernel.org> Signed-off-by: N Ondrej Mosnacek <omosnace@redhat.com> Signed-off-by: N Herbert Xu <herbert@gondor.apana.org.au>
fbe1a850 · Ondrej Mosnacek · Herbert Xu · 331351f8 · fbe1a850
显示空白变更内容
内联并排

Showing with 6 addition and 1 deletion

crypto/lrw.c crypto/lrw.c +6 -1

未找到文件。
--- a/crypto/lrw.c
+++ b/crypto/lrw.c
@@ -143,7 +143,12 @@ static inline int get_index128(be128 *block)
 		return x + ffz(val);
 	}

-	return x;
+	/*
+	 * If we get here, then x == 128 and we are incrementing the counter
+	 * from all ones to all zeros. This means we must return index 127, i.e.
+	 * the one corresponding to key2*{ 1,...,1 }.
+	 */
+	return 127;
 }

 static int post_crypt(struct skcipher_request *req)