Re: [PATCH] crypto: atmel-aes - Fix IV handling when req->nbytes < ivsize

From: Herbert Xu
Date: Thu Oct 10 2019 - 08:56:58 EST

Next message: Herbert Xu: "Re: [PATCH] crypto: user - fix memory leak in crypto_report"
Previous message: Jonathan Corbet: "Re: [PATCH] Documentation: networking: device drivers: Remove stray asterisks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Oct 04, 2019 at 08:55:37AM +0000, Tudor.Ambarus@xxxxxxxxxxxxx wrote:
> From: Tudor Ambarus <tudor.ambarus@xxxxxxxxxxxxx>
>
> commit 394a9e044702 ("crypto: cfb - add missing 'chunksize' property")
> adds a test vector where the input length is smaller than the IV length
> (the second test vector). This revealed a NULL pointer dereference in
> the atmel-aes driver, that is caused by passing an incorrect offset in
> scatterwalk_map_and_copy() when atmel_aes_complete() is called.
>
> Do not save the IV in req->info of ablkcipher_request (or equivalently
> req->iv of skcipher_request) when req->nbytes < ivsize, because the IV
> will not be further used.
>
> While touching the code, modify the type of ivsize from int to
> unsigned int, to comply with the return type of
> crypto_ablkcipher_ivsize().
>
> Fixes: 91308019ecb4 ("crypto: atmel-aes - properly set IV after {en,de}crypt")
> Signed-off-by: Tudor Ambarus <tudor.ambarus@xxxxxxxxxxxxx>
> ---
> drivers/crypto/atmel-aes.c | 53 ++++++++++++++++++++++++++--------------------
> 1 file changed, 30 insertions(+), 23 deletions(-)

Patch applied. Thanks.
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Next message: Herbert Xu: "Re: [PATCH] crypto: user - fix memory leak in crypto_report"
Previous message: Jonathan Corbet: "Re: [PATCH] Documentation: networking: device drivers: Remove stray asterisks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]