| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 25 Jun 2018 10:14:26 -0700
From: Eric Biggers <ebiggers3@...il.com>
To: David Howells <dhowells@...hat.com>
Cc: James Morris <jmorris@...ei.org>, keyrings@...r.kernel.org,
linux-security-module@...r.kernel.org,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
syzkaller-bugs@...glegroups.com, Tycho Andersen <tycho@...ho.ws>,
Kees Cook <keescook@...omium.org>,
Stephan Mueller <smueller@...onox.de>,
Eric Biggers <ebiggers@...gle.com>
Subject: Re: [PATCH] dh key: fix rounding up KDF output length
Hi David,
On Fri, Jun 08, 2018 at 04:37:58PM +0100, David Howells wrote:
> Eric Biggers <ebiggers3@...il.com> wrote:
>
> > Commit 383203eff718 ("dh key: get rid of stack allocated array") changed
> > kdf_ctr() to assume that the length of key material to derive is a
> > multiple of the digest size. The length was supposed to be rounded up
> > accordingly. However, the round_up() macro was used which only gives
> > the correct result on power-of-2 arguments, whereas not all hash
> > algorithms have power-of-2 digest sizes. In some cases this resulted in
> > a write past the end of the 'outbuf' buffer.
> >
> > Fix it by switching to roundup(), which works for non-power-of-2 inputs.
>
> Applied.
Applied to where? When are you planning to send this to Linus? Note that this
was a regression from v4.17 to v4.18-rc1.
Thanks,
- Eric
Powered by blists - more mailing lists