diff options
author | Herbert Xu <herbert@gondor.apana.org.au> | 2005-09-06 14:49:44 -0700 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2005-09-06 14:49:44 -0700 |
commit | 0a3c6691706e6cc59bd6b9725424a71061705cc6 (patch) | |
tree | 9b1f4e72d2c5f3763bd226757a091338d28d54c7 | |
parent | 09866cf53e2989fee32d397c870a2d7a64b8a94c (diff) | |
download | linux-crypto-0a3c6691706e6cc59bd6b9725424a71061705cc6.tar.gz linux-crypto-0a3c6691706e6cc59bd6b9725424a71061705cc6.zip |
[CRYPTO] Fix boundary check in standard multi-block cipher processors
The boundary check in the standard multi-block cipher processors are
broken when nbytes is not a multiple of bsize. In those cases it will
always process an extra block.
This patch corrects the check so that it processes at most nbytes of
data.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to '')
-rw-r--r-- | crypto/cipher.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/crypto/cipher.c b/crypto/cipher.c index 3df47f93..dfd4bcfc 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -191,6 +191,8 @@ static unsigned int cbc_process_encrypt(const struct cipher_desc *desc, u8 *iv = desc->info; unsigned int done = 0; + nbytes -= bsize; + do { xor(iv, src); fn(crypto_tfm_ctx(tfm), dst, iv); @@ -198,7 +200,7 @@ static unsigned int cbc_process_encrypt(const struct cipher_desc *desc, src += bsize; dst += bsize; - } while ((done += bsize) < nbytes); + } while ((done += bsize) <= nbytes); return done; } @@ -219,6 +221,8 @@ static unsigned int cbc_process_decrypt(const struct cipher_desc *desc, u8 *iv = desc->info; unsigned int done = 0; + nbytes -= bsize; + do { u8 *tmp_dst = *dst_p; @@ -230,7 +234,7 @@ static unsigned int cbc_process_decrypt(const struct cipher_desc *desc, src += bsize; dst += bsize; - } while ((done += bsize) < nbytes); + } while ((done += bsize) <= nbytes); return done; } @@ -243,12 +247,14 @@ static unsigned int ecb_process(const struct cipher_desc *desc, u8 *dst, void (*fn)(void *, u8 *, const u8 *) = desc->crfn; unsigned int done = 0; + nbytes -= bsize; + do { fn(crypto_tfm_ctx(tfm), dst, src); src += bsize; dst += bsize; - } while ((done += bsize) < nbytes); + } while ((done += bsize) <= nbytes); return done; } |