summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2005-09-06 14:49:44 -0700
committerDavid S. Miller <davem@davemloft.net>2005-09-06 14:49:44 -0700
commitfe2d5295a11e2ab2d6f4e7ea074816000b32eba3 (patch)
tree6887fb3b2f406d5ed1247e7c77ef34f20a345e6d
parentb69aee04fbfc027fc4ddaddc809ea8711cef9511 (diff)
downloadlinux-fe2d5295a11e2ab2d6f4e7ea074816000b32eba3.tar.gz
linux-fe2d5295a11e2ab2d6f4e7ea074816000b32eba3.tar.bz2
linux-fe2d5295a11e2ab2d6f4e7ea074816000b32eba3.zip
[CRYPTO] Fix boundary check in standard multi-block cipher processors
The boundary check in the standard multi-block cipher processors are broken when nbytes is not a multiple of bsize. In those cases it will always process an extra block. This patch corrects the check so that it processes at most nbytes of data. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--crypto/cipher.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/crypto/cipher.c b/crypto/cipher.c
index 3df47f93c9db..dfd4bcfc5975 100644
--- a/crypto/cipher.c
+++ b/crypto/cipher.c
@@ -191,6 +191,8 @@ static unsigned int cbc_process_encrypt(const struct cipher_desc *desc,
u8 *iv = desc->info;
unsigned int done = 0;
+ nbytes -= bsize;
+
do {
xor(iv, src);
fn(crypto_tfm_ctx(tfm), dst, iv);
@@ -198,7 +200,7 @@ static unsigned int cbc_process_encrypt(const struct cipher_desc *desc,
src += bsize;
dst += bsize;
- } while ((done += bsize) < nbytes);
+ } while ((done += bsize) <= nbytes);
return done;
}
@@ -219,6 +221,8 @@ static unsigned int cbc_process_decrypt(const struct cipher_desc *desc,
u8 *iv = desc->info;
unsigned int done = 0;
+ nbytes -= bsize;
+
do {
u8 *tmp_dst = *dst_p;
@@ -230,7 +234,7 @@ static unsigned int cbc_process_decrypt(const struct cipher_desc *desc,
src += bsize;
dst += bsize;
- } while ((done += bsize) < nbytes);
+ } while ((done += bsize) <= nbytes);
return done;
}
@@ -243,12 +247,14 @@ static unsigned int ecb_process(const struct cipher_desc *desc, u8 *dst,
void (*fn)(void *, u8 *, const u8 *) = desc->crfn;
unsigned int done = 0;
+ nbytes -= bsize;
+
do {
fn(crypto_tfm_ctx(tfm), dst, src);
src += bsize;
dst += bsize;
- } while ((done += bsize) < nbytes);
+ } while ((done += bsize) <= nbytes);
return done;
}