Date: Thu, 16 Oct 2014 18:31:53 GMT From: John-Mark Gurney <jmg@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 1201689 for review Message-ID: <201410161831.s9GIVrCo053707@skunkworks.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://p4web.freebsd.org/@@1201689?ac=10 Change 1201689 by jmg@jmg_carbon2 on 2014/10/16 18:31:41 switch if statements around so that we don't hit a NULL deref... add comment that _ICM is the same for both encryption and decryption... This is part of the results from reviewing stage 2... Submitted by: Mike Hamburg Sponsored by: FreeBSD Foundation Sponsored by: Netgate Affected files ... .. //depot/projects/opencrypto/sys/crypto/aesni/aesni.c#10 edit Differences ... ==== //depot/projects/opencrypto/sys/crypto/aesni/aesni.c#10 (text+ko) ==== @@ -332,14 +332,14 @@ } } - /* CBC & XTS can only handle full blocks for now */ - if ((enccrd->crd_alg == CRYPTO_AES_CBC || enccrd->crd_alg == - CRYPTO_AES_XTS) && (enccrd->crd_len % AES_BLOCK_LEN) != 0) { + if (enccrd == NULL || (needauth && authcrd == NULL)) { error = EINVAL; goto out; } - if (enccrd == NULL || (needauth && authcrd == NULL)) { + /* CBC & XTS can only handle full blocks for now */ + if ((enccrd->crd_alg == CRYPTO_AES_CBC || enccrd->crd_alg == + CRYPTO_AES_XTS) && (enccrd->crd_len % AES_BLOCK_LEN) != 0) { error = EINVAL; goto out; } @@ -552,6 +552,7 @@ enccrd->crd_len, buf, ses->iv); break; case CRYPTO_AES_ICM: + /* encryption & decryption are the same */ aesni_encrypt_icm(ses->rounds, ses->enc_schedule, enccrd->crd_len, buf, buf, ses->iv); break;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201410161831.s9GIVrCo053707>