lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <3bab6e88-739e-43ca-894c-82c17e0177bc@stanley.mountain>
Date: Thu, 15 Aug 2024 00:11:51 +0300
From: Dan Carpenter <dan.carpenter@...aro.org>
To: Pavitrakumar M <pavitrakumarm@...avyalabs.com>
Cc: Herbert Xu <herbert@...dor.apana.org.au>,
	"David S. Miller" <davem@...emloft.net>,
	Bhoomika K <bhoomikak@...avyalabs.com>,
	Ruud Derwig <Ruud.Derwig@...opsys.com>,
	linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH 1/3] crypto: spacc - Fix bounds checking on spacc->job[]

This bounds checking is off by one.  The > should be >=.  The
spacc->job[] array is allocated in spacc_init() and it has
SPACC_MAX_JOBS elements.

Fixes: 8ebb14deef0f ("crypto: spacc - Enable SPAcc AUTODETECT")
Fixes: c8981d9230d8 ("crypto: spacc - Add SPAcc Skcipher support")
Signed-off-by: Dan Carpenter <dan.carpenter@...aro.org>
---
 drivers/crypto/dwc-spacc/spacc_core.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/dwc-spacc/spacc_core.c b/drivers/crypto/dwc-spacc/spacc_core.c
index 9bc49de06bb2..e3380528e82b 100644
--- a/drivers/crypto/dwc-spacc/spacc_core.c
+++ b/drivers/crypto/dwc-spacc/spacc_core.c
@@ -1024,7 +1024,7 @@ int spacc_set_operation(struct spacc_device *spacc, int handle, int op,
 	int ret = CRYPTO_OK;
 	struct spacc_job *job = NULL;
 
-	if (handle < 0 || handle > SPACC_MAX_JOBS)
+	if (handle < 0 || handle >= SPACC_MAX_JOBS)
 		return -ENXIO;
 
 	job = &spacc->job[handle];
@@ -1105,7 +1105,7 @@ int spacc_packet_enqueue_ddt_ex(struct spacc_device *spacc, int use_jb,
 	struct spacc_job *job;
 	int ret = CRYPTO_OK, proc_len;
 
-	if (job_idx < 0 || job_idx > SPACC_MAX_JOBS)
+	if (job_idx < 0 || job_idx >= SPACC_MAX_JOBS)
 		return -ENXIO;
 
 	switch (prio)  {
@@ -1331,7 +1331,7 @@ static int spacc_set_auxinfo(struct spacc_device *spacc, int jobid,
 	int ret = CRYPTO_OK;
 	struct spacc_job *job;
 
-	if (jobid < 0 || jobid > SPACC_MAX_JOBS)
+	if (jobid < 0 || jobid >= SPACC_MAX_JOBS)
 		return -ENXIO;
 
 	job = &spacc->job[jobid];
@@ -2364,7 +2364,7 @@ int spacc_set_key_exp(struct spacc_device *spacc, int job_idx)
 	struct spacc_ctx *ctx = NULL;
 	struct spacc_job *job = NULL;
 
-	if (job_idx < 0 || job_idx > SPACC_MAX_JOBS) {
+	if (job_idx < 0 || job_idx >= SPACC_MAX_JOBS) {
 		pr_debug("ERR: Invalid Job id specified (out of range)\n");
 		return -ENXIO;
 	}
-- 
2.43.0


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ