| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1326709382.2255.4.camel@edumazet-HP-Compaq-6005-Pro-SFF-PC>
Date: Mon, 16 Jan 2012 11:23:02 +0100
From: Eric Dumazet <eric.dumazet@...il.com>
To: David Laight <David.Laight@...LAB.COM>
Cc: Alexey Dobriyan <adobriyan@...il.com>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Herbert Xu <herbert@...dor.apana.org.au>,
linux-crypto@...r.kernel.org, netdev@...r.kernel.org,
ken@...elabs.ch, Steffen Klassert <steffen.klassert@...unet.com>,
security@...nel.org
Subject: RE: [PATCH 2/3] sha512: reduce stack usage to safe number
Le lundi 16 janvier 2012 à 09:56 +0000, David Laight a écrit :
> Doesn't this badly overflow W[] ..
>
> > +#define SHA512_0_15(i, a, b, c, d, e, f, g, h) \
> > + t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[i]; \
> ...
> > + for (i = 0; i < 16; i += 8) {
> ...
> > + SHA512_0_15(i + 7, b, c, d, e, f, g, h, a);
> > + }
>
> David
>
>
No overflow since loop is done for only i=0 and i=8
By the way, I suspect previous code was chosen years ago because this
version uses less stack but adds much more code bloat.
size crypto/sha512_generic.o crypto/sha512_generic_old.o
text data bss dec hex filename
17369 704 0 18073 4699 crypto/sha512_generic.o
8249 704 0 8953 22f9 crypto/sha512_generic_old.o
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists