lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <20160906091025.20726b83@mschwide>
Date:   Tue, 6 Sep 2016 09:10:25 +0200
From:   Martin Schwidefsky <schwidefsky@...ibm.com>
To:     Colin King <colin.king@...onical.com>
Cc:     Herbert Xu <herbert@...dor.apana.org.au>,
        "David S . Miller" <davem@...emloft.net>,
        Heiko Carstens <heiko.carstens@...ibm.com>,
        linux-crypto@...r.kernel.org, linux-s390@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] s390/crypto: initialize ret to zero to avoid returning
 garbage value

On Mon,  5 Sep 2016 17:21:18 +0100
Colin King <colin.king@...onical.com> wrote:

> From: Colin Ian King <colin.king@...onical.com>
> 
> static analysis with cppcheck detected that ret is not initialized
> and hence garbage is potentially being returned in the case where
> prng_data->ppnows.reseed_counter <= prng_reseed_limit.
> 
> Signed-off-by: Colin Ian King <colin.king@...onical.com>
> ---
>  arch/s390/crypto/prng.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/arch/s390/crypto/prng.c b/arch/s390/crypto/prng.c
> index 79e3a1f..a21fdf4 100644
> --- a/arch/s390/crypto/prng.c
> +++ b/arch/s390/crypto/prng.c
> @@ -412,7 +412,7 @@ static int prng_sha512_reseed(void)
> 
>  static int prng_sha512_generate(u8 *buf, size_t nbytes)
>  {
> -	int ret;
> +	int ret = 0;
> 
>  	/* reseed needed ? */
>  	if (prng_data->ppnows.reseed_counter > prng_reseed_limit) {

This issue has been introduced by git commit 0177db01adf26cf9
"s390/crypto: simplify return code handling" which is only on
the features branch right now. And to set ret=0 does not fix
the problem. The correct fix is to return nbytes.

Still a good catch though.

-- 
blue skies,
   Martin.

"Reality continues to ruin my life." - Calvin.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ