lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20080702045555.GB11252@2ka.mipt.ru>
Date:	Wed, 2 Jul 2008 08:55:55 +0400
From:	Evgeniy Polyakov <johnpol@....mipt.ru>
To:	Adam Langley <agl@...erialviolet.org>
Cc:	Stephen Hemminger <shemminger@...tta.com>, netdev@...r.kernel.org
Subject: Re: MD5 SG fix

Hi.

On Tue, Jul 01, 2008 at 03:38:14PM -0700, Adam Langley (agl@...erialviolet.org) wrote:
> @@ -1040,9 +1079,14 @@ static int tcp_v4_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
>  	bp->daddr = daddr;
>  	bp->pad = 0;
>  	bp->protocol = protocol;
> -	bp->len = htons(tcplen);
> +	if (frags)
> +		for (i = 0; i < frags->nr_frags; ++i)
> +			nbytes += frags->frags[i].size;
> +	bp->len = htons(nbytes);
> +	nbytes = 0;
>  
> -	sg_init_table(sg, 4);
> +	sg_init_table(sg, 3 + (head_data_len > 0) +
> +		      (frags ? frags->nr_frags : 0));
>  
>  	sg_set_buf(&sg[block++], bp, sizeof(*bp));
>  	nbytes += sizeof(*bp);
> @@ -1056,11 +1100,19 @@ static int tcp_v4_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
>  	nbytes += sizeof(struct tcphdr);
>  
>  	/* 3. the TCP segment data (if any) */
> -	data_len = tcplen - (th->doff << 2);
> -	if (data_len > 0) {
> -		unsigned char *data = (unsigned char *)th + (th->doff << 2);
> -		sg_set_buf(&sg[block++], data, data_len);
> -		nbytes += data_len;
> +	if (head_data_len > 0) {
> +		unsigned char *data = (unsigned char *)th + data_off;
> +		sg_set_buf(&sg[block++], data, head_data_len);
> +		nbytes += head_data_len;
> +	}
> +
> +	if (frags) {
> +		for (i = 0; i < frags->nr_frags; ++i) {
> +			const struct skb_frag_struct *f = &frags->frags[i];
> +			sg_set_page(&sg[block++], f->page, f->size,
> +				    f->page_offset);
> +			nbytes += f->size;
> +		}
>  	}
>  
>  	/* 4. an independently-specified key or password, known to both

Why dont't you want to iterate over all provided data/page pointers with
crypto_hash_update() and do not mess with huge scatterlist arrays?

-- 
	Evgeniy Polyakov
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ