提交 66bf0937 编写于 作者: H Harsh Jain 提交者: Herbert Xu

crypto: chcr - Fix memory corruption

Fix memory corruption done by  *((u32 *)dec_key + k)
 operation.
Signed-off-by: NJitendra Lulla <JLULLA@chelsio.com>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
上级 51029812
...@@ -422,7 +422,7 @@ static inline void get_aes_decrypt_key(unsigned char *dec_key, ...@@ -422,7 +422,7 @@ static inline void get_aes_decrypt_key(unsigned char *dec_key,
{ {
u32 temp; u32 temp;
u32 w_ring[MAX_NK]; u32 w_ring[MAX_NK];
int i, j, k = 0; int i, j, k;
u8 nr, nk; u8 nr, nk;
switch (keylength) { switch (keylength) {
...@@ -460,6 +460,7 @@ static inline void get_aes_decrypt_key(unsigned char *dec_key, ...@@ -460,6 +460,7 @@ static inline void get_aes_decrypt_key(unsigned char *dec_key,
temp = w_ring[i % nk]; temp = w_ring[i % nk];
i++; i++;
} }
i--;
for (k = 0, j = i % nk; k < nk; k++) { for (k = 0, j = i % nk; k < nk; k++) {
*((u32 *)dec_key + k) = htonl(w_ring[j]); *((u32 *)dec_key + k) = htonl(w_ring[j]);
j--; j--;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册