lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 11 Nov 2013 09:28:09 +0800
From:	Herbert Xu <herbert@...dor.apana.org.au>
To:	Michal Nazarewicz <mpn@...gle.com>
Cc:	"David S. Miller" <davem@...emloft.net>,
	linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
	Michal Nazarewicz <mina86@...a86.com>
Subject: Re: [PATCH RESEND] crypto: make sure *blkcipher_walk_init properly
 initialises walk

On Sun, Nov 10, 2013 at 07:38:01PM +0100, Michal Nazarewicz wrote:
> From: Michal Nazarewicz <mina86@...a86.com>
> 
> blkcipher_walk_init and ablkcipher_walk_init functions are called
> to initialise a walk structure allocated on stack, which is not
> initialised by the caller.  This means, that the fields of the
> structure contain garbage when *_init is run.
> 
> The *_init functions do not initialise all of the fields though,
> and in particular leave flags field as is.  This results in field
> containing unspecified value.
> 
> Zeroing the whole structure makes sure that all of the fields
> are initialised to the same value regardless of the values stored
> on the stack prior to the call to the *_init function.
> 
> Signed-off-by: Michal Nazarewicz <mina86@...a86.com>

Nack.  The field flags is used as a bit-field and all bits other
than those initialised that you see are used internally by the
walker function and will be initialised on demand.

Please do not just rely on tools such as coverity and actually
read the code when submitting patches.

Thanks,
-- 
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ