lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 15 Jan 2014 12:15:16 +0530
From:	Naveen Krishna Ch <naveenkrishna.ch@...il.com>
To:	Tomasz Figa <t.figa@...sung.com>
Cc:	Naveen Krishna Chatradhi <ch.naveen@...sung.com>,
	linux-crypto@...r.kernel.org,
	"linux-samsung-soc@...r.kernel.org" 
	<linux-samsung-soc@...r.kernel.org>, linux-kernel@...r.kernel.org,
	Vladimir Zapolskiy <vzapolskiy@...il.com>,
	herbert@...dor.apana.org.au, cpgs@...sung.com,
	tomasz.figa@...il.com
Subject: Re: [PATCH 7/8 v3] crypto:s5p-sss: validate iv before memcpy

Hello Tomasz,

On 10 January 2014 21:33, Tomasz Figa <t.figa@...sung.com> wrote:
> Hi Naveen,
>
>
> On 10.01.2014 12:45, Naveen Krishna Chatradhi wrote:
>>
>> This patch adds code to validate "iv" buffer before trying to
>> memcpy the contents
>>
>> Signed-off-by: Naveen Krishna Chatradhi <ch.naveen@...sung.com>
>> ---
>> Changes since v2:
>> None
>>
>>   drivers/crypto/s5p-sss.c |    5 +++--
>>   1 file changed, 3 insertions(+), 2 deletions(-)
>>
>> diff --git a/drivers/crypto/s5p-sss.c b/drivers/crypto/s5p-sss.c
>> index f274f5f..7058bb6 100644
>> --- a/drivers/crypto/s5p-sss.c
>> +++ b/drivers/crypto/s5p-sss.c
>> @@ -381,8 +381,9 @@ static void s5p_set_aes(struct s5p_aes_dev *dev,
>>         struct samsung_aes_variant *var = dev->variant;
>>         void __iomem *keystart;
>>
>> -       memcpy(dev->ioaddr + SSS_REG_AES_IV_DATA
>> -                               (var->aes_offset, 0), iv, 0x10);
>> +       if (iv)
>> +               memcpy(dev->ioaddr + SSS_REG_AES_IV_DATA
>> +                                       (var->aes_offset, 0), iv, 0x10);
>
>
> In what conditions can the iv end up being NULL?
req->info is the initialization vector in our case, which comes from user space.
Its good to have a check to avoid any crashes.

Also AES ECB mode does not use IV.
>
> Best regards,
> Tomasz



-- 
Shine bright,
(: Nav :)
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ