diff options
author | Herbert Xu <herbert@gondor.apana.org.au> | 2009-07-14 21:35:36 +0800 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2009-07-14 21:35:36 +0800 |
commit | befd189385449d046cba3d637043565ccb4de96d (patch) | |
tree | 225a4a1ab2f5f67a07de36857e27544280066d1a /crypto/ahash.c | |
parent | 7a63e897b210a4c3fa10022f5ced3cb1c0d72cc3 (diff) | |
download | linux-crypto-befd189385449d046cba3d637043565ccb4de96d.tar.gz linux-crypto-befd189385449d046cba3d637043565ccb4de96d.zip |
crypto: hash - Zap unaligned buffers
Some unaligned buffers on the stack weren't zapped properly which
may cause secret data to be leaked. This patch fixes them by doing
a zero memset.
It is also possible for us to place random kernel stack contents
in the digest buffer if a digest operation fails. This is fixed
by only copying if the operation succeeded.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/ahash.c')
-rw-r--r-- | crypto/ahash.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/crypto/ahash.c b/crypto/ahash.c index cc824ef2..1576f95f 100644 --- a/crypto/ahash.c +++ b/crypto/ahash.c @@ -152,8 +152,7 @@ static int ahash_setkey_unaligned(struct crypto_ahash *tfm, const u8 *key, alignbuffer = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1); memcpy(alignbuffer, key, keylen); ret = ahash->setkey(tfm, alignbuffer, keylen); - memset(alignbuffer, 0, keylen); - kfree(buffer); + kzfree(buffer); return ret; } |