Kees Cook keescook@chromium.org writes:
Fix typo in memcpy() where size should be CTR_RFC3686_NONCE_SIZE.
Fixes: 030f4e968741 ("crypto: nx - Fix reentrancy bugs") Cc: stable@vger.kernel.org Signed-off-by: Kees Cook keescook@chromium.org
Thanks.
drivers/crypto/nx/nx-aes-ctr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/nx/nx-aes-ctr.c b/drivers/crypto/nx/nx-aes-ctr.c index 13f518802343..6120e350ff71 100644 --- a/drivers/crypto/nx/nx-aes-ctr.c +++ b/drivers/crypto/nx/nx-aes-ctr.c @@ -118,7 +118,7 @@ static int ctr3686_aes_nx_crypt(struct skcipher_request *req) struct nx_crypto_ctx *nx_ctx = crypto_skcipher_ctx(tfm); u8 iv[16];
- memcpy(iv, nx_ctx->priv.ctr.nonce, CTR_RFC3686_IV_SIZE);
- memcpy(iv, nx_ctx->priv.ctr.nonce, CTR_RFC3686_NONCE_SIZE); memcpy(iv + CTR_RFC3686_NONCE_SIZE, req->iv, CTR_RFC3686_IV_SIZE); iv[12] = iv[13] = iv[14] = 0; iv[15] = 1;
Where IV_SIZE is 8 and NONCE_SIZE is 4.
And iv is 16 bytes, so it's not a buffer overflow.
But priv.ctr.nonce is 4 bytes, and at the end of the struct, so it reads 4 bytes past the end of the nx_crypto_ctx, which is not good.
But then immediately overwrites whatever it read with req->iv.
So seems pretty harmless in practice?
cheers