diff options
| author | Herbert Xu <herbert@gondor.apana.org.au> | 2024-01-29 22:17:11 +0800 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2024-02-02 18:08:12 +0800 |
| commit | 69fba378edcaffba7bc7d299fdee02e377069d30 (patch) | |
| tree | 1bf3f44c04f434bb895b12e0cd9b56ec0a8363b1 | |
| parent | crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked (diff) | |
| download | linux-69fba378edcaffba7bc7d299fdee02e377069d30.tar.gz linux-69fba378edcaffba7bc7d299fdee02e377069d30.zip | |
crypto: cbc - Ensure statesize is zero
The cbc template should not be applied on stream ciphers, especially
ones that have internal state. Enforce this by checking the state
size when the instance is created.
Reported-by: syzbot+050eeedd6c285d8c42f2@syzkaller.appspotmail.com
Fixes: 47309ea13591 ("crypto: arc4 - Add internal state")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| -rw-r--r-- | crypto/cbc.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/crypto/cbc.c b/crypto/cbc.c index eedddef9ce40..e81918ca68b7 100644 --- a/crypto/cbc.c +++ b/crypto/cbc.c @@ -148,6 +148,9 @@ static int crypto_cbc_create(struct crypto_template *tmpl, struct rtattr **tb) if (!is_power_of_2(inst->alg.co.base.cra_blocksize)) goto out_free_inst; + if (inst->alg.co.statesize) + goto out_free_inst; + inst->alg.encrypt = crypto_cbc_encrypt; inst->alg.decrypt = crypto_cbc_decrypt; |