diff options
author | Eric Biggers <ebiggers@google.com> | 2019-01-31 23:51:41 -0800 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2019-02-08 15:30:08 +0800 |
commit | 0e0c3ec993b613ff53fe1c0b8c035dca6d31ab64 (patch) | |
tree | 852e546a957abf53a08e2d1cf2bb3b6775e3141c /crypto/sm4_generic.c | |
parent | 036de26fb4e9c8be0d93ddaa985db5b680f502a3 (diff) | |
download | linux-crypto-0e0c3ec993b613ff53fe1c0b8c035dca6d31ab64.tar.gz linux-crypto-0e0c3ec993b613ff53fe1c0b8c035dca6d31ab64.zip |
crypto: ahash - fix another early termination in hash walk
Hash algorithms with an alignmask set, e.g. "xcbc(aes-aesni)" and
"michael_mic", fail the improved hash tests because they sometimes
produce the wrong digest. The bug is that in the case where a
scatterlist element crosses pages, not all the data is actually hashed
because the scatterlist walk terminates too early. This happens because
the 'nbytes' variable in crypto_hash_walk_done() is assigned the number
of bytes remaining in the page, then later interpreted as the number of
bytes remaining in the scatterlist element. Fix it.
Fixes: a0f776c79d94 ("crypto: ahash - Fix early termination in hash walk")
Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/sm4_generic.c')
0 files changed, 0 insertions, 0 deletions