Date: Mon, 26 Feb 2018 22:17:28 +0000 (UTC) From: John Baldwin <jhb@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r330042 - head/sys/dev/cxgbe/crypto Message-ID: <201802262217.w1QMHSmv015598@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jhb Date: Mon Feb 26 22:17:27 2018 New Revision: 330042 URL: https://svnweb.freebsd.org/changeset/base/330042 Log: Don't overflow the ipad[] array when clearing the remainder. After the auth key is copied into the ipad[] array, any remaining bytes are cleared to zero (in case the key is shorter than one block size). The full block size was used as the length of the zero rather than the size of the remaining ipad[]. In practice this overflow was harmless as it could only clear bytes in the following opad[] array which is initialized with a copy of ipad[] in the next statement. Sponsored by: Chelsio Communications Modified: head/sys/dev/cxgbe/crypto/t4_crypto.c Modified: head/sys/dev/cxgbe/crypto/t4_crypto.c ============================================================================== --- head/sys/dev/cxgbe/crypto/t4_crypto.c Mon Feb 26 22:12:31 2018 (r330041) +++ head/sys/dev/cxgbe/crypto/t4_crypto.c Mon Feb 26 22:17:27 2018 (r330042) @@ -1764,7 +1764,7 @@ ccr_init_hmac_digest(struct ccr_session *s, int cri_al } else memcpy(s->hmac.ipad, key, klen); - memset(s->hmac.ipad + klen, 0, axf->blocksize); + memset(s->hmac.ipad + klen, 0, axf->blocksize - klen); memcpy(s->hmac.opad, s->hmac.ipad, axf->blocksize); for (i = 0; i < axf->blocksize; i++) {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201802262217.w1QMHSmv015598>