summaryrefslogtreecommitdiff
path: root/crypto
diff options
context:
space:
mode:
authorOndrej Mosnáček <omosnace@redhat.com>2018-06-13 16:44:17 +0200
committerHerbert Xu <herbert@gondor.apana.org.au>2018-06-15 23:06:48 +0800
commita81ae8095712d1513fe8d58527c92c439b43233e (patch)
treeba5545a359bc33638ace2a1468f4b3c8d5d53d70 /crypto
parentf044a84e040b85cd609851ac88ae8b54b2cc0b75 (diff)
crypto: morus640 - Fix out-of-bounds access
We must load the block from the temporary variable here, not directly from the input. Also add forgotten zeroing-out of the uninitialized part of the temporary block (as is done correctly in morus1280.c). Fixes: 396be41f16fd ("crypto: morus - Add generic MORUS AEAD implementations") Reported-by: syzbot+1fafa9c4cf42df33f716@syzkaller.appspotmail.com Reported-by: syzbot+d82643ba80bf6937cd44@syzkaller.appspotmail.com Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto')
-rw-r--r--crypto/morus640.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/morus640.c b/crypto/morus640.c
index 9fbcde307daf..5eede3749e64 100644
--- a/crypto/morus640.c
+++ b/crypto/morus640.c
@@ -274,8 +274,9 @@ static void crypto_morus640_decrypt_chunk(struct morus640_state *state, u8 *dst,
union morus640_block_in tail;
memcpy(tail.bytes, src, size);
+ memset(tail.bytes + size, 0, MORUS640_BLOCK_SIZE - size);
- crypto_morus640_load_a(&m, src);
+ crypto_morus640_load_a(&m, tail.bytes);
crypto_morus640_core(state, &m);
crypto_morus640_store_a(tail.bytes, &m);
memset(tail.bytes + size, 0, MORUS640_BLOCK_SIZE - size);