From ca9069561198164afc252b66fb904cf484fc8138 Mon Sep 17 00:00:00 2001
From: Herbert Xu <herbert@gondor.apana.org.au>
Date: Mon, 29 Jan 2024 22:17:11 +0800
Subject: crypto: cbc - Ensure statesize is zero

The cbc template should not be applied on stream ciphers, especially
ones that have internal state.  Enforce this by checking the state
size when the instance is created.

Reported-by: syzbot+050eeedd6c285d8c42f2@syzkaller.appspotmail.com
Fixes: 67d9a2e93f68 ("crypto: arc4 - Add internal state")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
 crypto/cbc.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'crypto/cbc.c')

diff --git a/crypto/cbc.c b/crypto/cbc.c
index eedddef9..e81918ca 100644
--- a/crypto/cbc.c
+++ b/crypto/cbc.c
@@ -148,6 +148,9 @@ static int crypto_cbc_create(struct crypto_template *tmpl, struct rtattr **tb)
 	if (!is_power_of_2(inst->alg.co.base.cra_blocksize))
 		goto out_free_inst;
 
+	if (inst->alg.co.statesize)
+		goto out_free_inst;
+
 	inst->alg.encrypt = crypto_cbc_encrypt;
 	inst->alg.decrypt = crypto_cbc_decrypt;
 
-- 
cgit v1.2.3