diff options
author | David McCullough <david_mccullough@au.securecomputing.com> | 2006-03-15 21:08:51 +1100 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2006-03-21 20:14:10 +1100 |
commit | b4c49c5e6eb2d8f7cb095b5eed430158d9f095ea (patch) | |
tree | 08c32b8a4dcdd2ba4de824400cdf468289f9010d /crypto/aes.c | |
parent | 66679dbab12e84fabe2c54890b5c8112f553a77e (diff) | |
download | linux-crypto-b4c49c5e6eb2d8f7cb095b5eed430158d9f095ea.tar.gz linux-crypto-b4c49c5e6eb2d8f7cb095b5eed430158d9f095ea.zip |
[CRYPTO] aes: Fixed array boundary violation
The AES setkey routine writes 64 bytes to the E_KEY area even though
there are only 60 bytes there. It is in fact safe since E_KEY is
immediately follwed by D_KEY which is initialised afterwards. However,
doing this may trigger undefined behaviour and makes Coverity unhappy.
So by combining E_KEY and D_KEY into one array we sidestep this issue
altogether.
This problem was reported by Adrian Bunk.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to '')
-rw-r--r-- | crypto/aes.c | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/crypto/aes.c b/crypto/aes.c index 0a6a5c14..a5017292 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -75,12 +75,11 @@ byte(const u32 x, const unsigned n) struct aes_ctx { int key_length; - u32 E[60]; - u32 D[60]; + u32 buf[120]; }; -#define E_KEY ctx->E -#define D_KEY ctx->D +#define E_KEY (&ctx->buf[0]) +#define D_KEY (&ctx->buf[60]) static u8 pow_tab[256] __initdata; static u8 log_tab[256] __initdata; |