From: David McCullough <david_mccullough@au.securecomputing.com>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Valdis.Kletnieks@vt.edu, Adrian Bunk <bunk@stusta.de>,
davem@davemloft.net, linux-crypto@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [2.6 patch] crypto/aes.c: array overrun
Date: Wed, 15 Mar 2006 11:11:32 +1000 [thread overview]
Message-ID: <20060315011132.GA28323@beast> (raw)
In-Reply-To: <20060315003212.GA20843@gondor.apana.org.au>
[-- Attachment #1: Type: text/plain, Size: 551 bytes --]
Jivin Herbert Xu lays it down ...
> On Wed, Mar 15, 2006 at 08:54:48AM +1000, David McCullough wrote:
> >
> > struct aes_ctx {
> > int key_length;
> > - u32 E[60];
> > - u32 D[60];
> > + u32 _KEYS[120];
> > };
>
> Looks good. Thanks for this David.
>
> Could you please change the name from _KEYS to buf and patch the x86-64
> version as well?
No problems, attached.
Cheers,
Davidm
--
David McCullough, david_mccullough@au.securecomputing.com, Ph:+61 734352815
Secure Computing - SnapGear http://www.uCdot.org http://www.cyberguard.com
[-- Attachment #2: aes2.diff --]
[-- Type: text/plain, Size: 1235 bytes --]
Index: linux-2.6.x/crypto/aes.c
===================================================================
RCS file: linux-2.6.x/crypto/aes.c,v
retrieving revision 1.1.1.6
diff -u -r1.1.1.6 aes.c
--- linux-2.6.x/crypto/aes.c 31 Aug 2005 00:33:03 -0000 1.1.1.6
+++ linux-2.6.x/crypto/aes.c 15 Mar 2006 01:09:37 -0000
@@ -78,12 +78,11 @@
struct aes_ctx {
int key_length;
- u32 E[60];
- u32 D[60];
+ u32 buf[120];
};
-#define E_KEY ctx->E
-#define D_KEY ctx->D
+#define E_KEY (&ctx->buf[0])
+#define D_KEY (&ctx->buf[60])
static u8 pow_tab[256] __initdata;
static u8 log_tab[256] __initdata;
Index: linux-2.6.x/arch/x86_64/crypto/aes.c
===================================================================
RCS file: linux-2.6.x/arch/x86_64/crypto/aes.c,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 aes.c
--- linux-2.6.x/arch/x86_64/crypto/aes.c 31 Aug 2005 00:33:07 -0000 1.1.1.1
+++ linux-2.6.x/arch/x86_64/crypto/aes.c 15 Mar 2006 01:09:37 -0000
@@ -79,12 +79,11 @@
struct aes_ctx
{
u32 key_length;
- u32 E[60];
- u32 D[60];
+ u32 buf[120];
};
-#define E_KEY ctx->E
-#define D_KEY ctx->D
+#define E_KEY (&ctx->buf[0])
+#define D_KEY (&ctx->buf[60])
static u8 pow_tab[256] __initdata;
static u8 log_tab[256] __initdata;
next prev parent reply other threads:[~2006-03-15 1:15 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-03-11 1:03 [2.6 patch] crypto/aes.c: array overrun Adrian Bunk
2006-03-11 2:41 ` Herbert Xu
2006-03-13 10:30 ` Pavel Machek
2006-03-14 20:25 ` Valdis.Kletnieks
2006-03-14 22:54 ` David McCullough
2006-03-15 0:32 ` Herbert Xu
2006-03-15 1:11 ` David McCullough [this message]
2006-03-15 10:13 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060315011132.GA28323@beast \
--to=david_mccullough@au.securecomputing.com \
--cc=Valdis.Kletnieks@vt.edu \
--cc=bunk@stusta.de \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox