projects / openwrt / staging / blogic.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b69aee0)
[CRYPTO] Fix boundary check in standard multi-block cipher processors
authorHerbert Xu <herbert@gondor.apana.org.au>
Tue, 6 Sep 2005 21:49:44 +0000 (14:49 -0700)
committerDavid S. Miller <davem@davemloft.net>
Tue, 6 Sep 2005 21:49:44 +0000 (14:49 -0700)
The boundary check in the standard multi-block cipher processors are
broken when nbytes is not a multiple of bsize.  In those cases it will
always process an extra block.

This patch corrects the check so that it processes at most nbytes of
data.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
crypto/cipher.c patch | blob | history

diff --git a/crypto/cipher.c b/crypto/cipher.c
index 3df47f93c9db01e0a19da8af237ab800ae9d34b1..dfd4bcfc59758332d8ae82fc1d0db2e009c9b26a 100644 (file)
--- a/crypto/cipher.c
+++ b/crypto/cipher.c
@@ -191,6 +191,8 @@ static unsigned int cbc_process_encrypt(const struct cipher_desc *desc,
        u8 *iv = desc->info;
        unsigned int done = 0;
 
+       nbytes -= bsize;
+
        do {
                xor(iv, src);
                fn(crypto_tfm_ctx(tfm), dst, iv);
@@ -198,7 +200,7 @@ static unsigned int cbc_process_encrypt(const struct cipher_desc *desc,
 
                src += bsize;
                dst += bsize;
-       } while ((done += bsize) < nbytes);
+       } while ((done += bsize) <= nbytes);
 
        return done;
 }
@@ -219,6 +221,8 @@ static unsigned int cbc_process_decrypt(const struct cipher_desc *desc,
        u8 *iv = desc->info;
        unsigned int done = 0;
 
+       nbytes -= bsize;
+
        do {
                u8 *tmp_dst = *dst_p;
 
@@ -230,7 +234,7 @@ static unsigned int cbc_process_decrypt(const struct cipher_desc *desc,
 
                src += bsize;
                dst += bsize;
-       } while ((done += bsize) < nbytes);
+       } while ((done += bsize) <= nbytes);
 
        return done;
 }
@@ -243,12 +247,14 @@ static unsigned int ecb_process(const struct cipher_desc *desc, u8 *dst,
        void (*fn)(void *, u8 *, const u8 *) = desc->crfn;
        unsigned int done = 0;
 
+       nbytes -= bsize;
+
        do {
                fn(crypto_tfm_ctx(tfm), dst, src);
 
                src += bsize;
                dst += bsize;
-       } while ((done += bsize) < nbytes);
+       } while ((done += bsize) <= nbytes);
 
        return done;
 }
John Crispins staging tree