Date: Tue, 20 Jun 2023 08:42:15 +0100
From: David Howells <dhowells@...hat.com>
To: Herbert Xu <herbert@...dor.apana.org.au>
Cc: dhowells@...hat.com, netdev@...r.kernel.org,
    syzbot+13a08c0bf4d212766c3c@...kaller.appspotmail.com,
    syzbot+14234ccf6d0ef629ec1a@...kaller.appspotmail.com,
    syzbot+4e2e47f32607d0f72d43@...kaller.appspotmail.com,
    syzbot+472626bb5e7c59fb768f@...kaller.appspotmail.com,
    "David S. Miller" <davem@...emloft.net>,
    Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>,
    Paolo Abeni <pabeni@...hat.com>, Jens Axboe <axboe@...nel.dk>,
    Matthew Wilcox <willy@...radead.org>, linux-crypto@...r.kernel.org,
    linux-kernel@...r.kernel.org
Subject: Re: [PATCH net-next v2] crypto: af_alg/hash: Fix recvmsg() after sendmsg(MSG_MORE)

Herbert Xu <herbert@...dor.apana.org.au> wrote:

> > +		hash_free_result(sk, ctx);
> 
> Please revert this change as I explained in the other message.
> 
> > +		if (!msg_data_left(msg))
> > +			goto done; /* Zero-length; don't start new req */
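Review bot: the early `goto done` on zero-length input, sitting right after the hash_free_result(sk, ctx) call, silently relies on hash_recvmsg() performing crypto_ahash_init() itself whenever ctx->more is false, and it leaves ctx->more false even when the caller passed MSG_MORE; since whether that is safe is exactly what is disputed here, the comment `/* Zero-length; don't start new req */` should spell out that invariant, or the loop should simply run once for zero-length data as the reply below proposes, so that init always happens in sendmsg().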
> 
> This is still broken in the case of a zero-length message with
> MSG_MORE set.  Here you will short-circuit out without ever calling
> crypto_ahash_init.  However, hash_recvmsg will directly call
> crypto_ahash_final on this, which is undefined.

Not so.  hash_recvmsg() will call crypto_ahash_init() first because ctx->more
is false (hence why we came down this branch in hash_sendmsg()) and the result
was released on the previous line (which you're objecting to).  If it goes to
the "done" label, it will skip setting ctx->more to true if MSG_MORE is
passed.

However, given you want sendmsg() to do the init->digest cycle on zero length
data, I think we should revert to the previous version of the patch that makes
a pass of the loop even with no data.

David
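The sequence under discussion, seen from user space, as an added example (this is not code from the patch, from David Howells or from the kernel tree): it drives an AF_ALG "hash" socket through sendmsg() with MSG_MORE, including the zero-length-with-MSG_MORE case that hash_sendmsg() short-circuits, and then reads the digest, which is the recvmsg() path hash_recvmsg() finalizes. It assumes a Linux host with the AF_ALG family and the sha256 driver available; when the socket cannot be set up it reports -errno instead of a digest. The `struct chunk` type and the probe functions are names chosen for this example.

```c
/* af_alg_probe.c: added example, not from the patch or the thread.
 * Exercises the userspace side of the sequence discussed: sendmsg() with
 * MSG_MORE (including a zero-length message) followed by read() of the
 * digest on an AF_ALG "hash" socket. Linux only; needs the sha256 driver.
 */
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
#include <linux/if_alg.h>

#ifndef SOL_ALG
#define SOL_ALG 279
#endif

/* One piece of input for a single sendmsg() call (name chosen for this example). */
struct chunk { const void *data; size_t len; };

/* Digest the chunks through AF_ALG. Every chunk but the last is sent with
 * MSG_MORE; the last is sent with MSG_MORE as well when more_on_last is set,
 * so the digest is then fetched with the hash request still "open", which is
 * the recvmsg()-after-sendmsg(MSG_MORE) path this thread is about.
 * Returns 0 and writes 64 hex chars plus NUL into hex on success, or -errno
 * when the socket cannot be set up (AF_ALG or sha256 unavailable, sandboxing). */
int af_alg_sha256(const struct chunk *chunks, size_t n, int more_on_last, char hex[65])
{
    struct sockaddr_alg sa = {
        .salg_family = AF_ALG, .salg_type = "hash", .salg_name = "sha256",
    };
    unsigned char digest[32];
    int tfm, op, rc = 0;

    tfm = socket(AF_ALG, SOCK_SEQPACKET, 0);
    if (tfm < 0)
        return -errno;
    if (bind(tfm, (struct sockaddr *)&sa, sizeof(sa)) < 0) { rc = -errno; goto out_tfm; }
    op = accept(tfm, NULL, NULL);
    if (op < 0) { rc = -errno; goto out_tfm; }

    for (size_t i = 0; i < n; i++) {
        struct iovec iov = { .iov_base = (void *)chunks[i].data, .iov_len = chunks[i].len };
        struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1 };
        int flags = (i + 1 < n || more_on_last) ? MSG_MORE : 0;
        if (sendmsg(op, &msg, flags) < 0) { rc = -errno; goto out_op; }
    }

    /* read() on the op socket is the recvmsg() that finalizes the hash. */
    ssize_t got = read(op, digest, sizeof(digest));
    if (got != (ssize_t)sizeof(digest)) { rc = got < 0 ? -errno : -EIO; goto out_op; }
    for (int i = 0; i < 32; i++)
        snprintf(hex + 2 * i, 3, "%02x", digest[i]);
out_op:
    close(op);
out_tfm:
    close(tfm);
    return rc;
}

/* The scenario from the thread: a zero-length sendmsg(MSG_MORE), then read
 * the digest straight away. The expected result is SHA-256 of the empty
 * string, whichever side of sendmsg()/recvmsg() performs the init. */
int probe_zero_length_msg_more(char hex[65])
{
    struct chunk c = { "", 0 };
    return af_alg_sha256(&c, 1, 1, hex);
}

/* Ordinary streaming for comparison: "abc" with MSG_MORE, then "def"
 * without, so hash_sendmsg() finalizes before the read. */
int probe_two_chunks(char hex[65])
{
    struct chunk c[2] = { { "abc", 3 }, { "def", 3 } };
    return af_alg_sha256(c, 2, 0, hex);
}

int main(void)
{
    char hex[65];
    int rc = probe_zero_length_msg_more(hex);
    printf("zero-length + MSG_MORE, then read: %s\n", rc ? strerror(-rc) : hex);
    rc = probe_two_chunks(hex);
    printf("\"abc\"(MSG_MORE) + \"def\", then read: %s\n", rc ? strerror(-rc) : hex);
    return 0;
}
```

Build with `cc -Wall -o af_alg_probe af_alg_probe.c` and run it on the kernel under test; on a kernel where the sendmsg(MSG_MORE)/recvmsg() interaction is broken this is the reproducer shape the syzbot reports in the Cc list exercise, and on a fixed kernel the first line prints e3b0c442...b855, the SHA-256 of no data.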

