Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / kernel / common / 35f7d5225ffcbf1b759f641aec1735e3a89b1914^! / . / crypto / dh_helper.c
commit35f7d5225ffcbf1b759f641aec1735e3a89b1914[log] [tgz]
authorEric Biggers <ebiggers@google.com>Fri Jul 27 15:36:10 2018 -0700
committerHerbert Xu <herbert@gondor.apana.org.au>Fri Aug 03 18:06:06 2018 +0800
tree8e433b5ee404d6f4ed9a4319f0358ef6b5fb7f42
parentafb31cd2d1a1bc3ca055fb2519ec4e9ab969ffe0 [diff] [blame]
crypto: dh - fix calculating encoded key size

It was forgotten to increase DH_KPP_SECRET_MIN_SIZE to include 'q_size',
causing an out-of-bounds write of 4 bytes in crypto_dh_encode_key(), and
an out-of-bounds read of 4 bytes in crypto_dh_decode_key().  Fix it, and
fix the lengths of the test vectors to match this.

Reported-by: syzbot+6d38d558c25b53b8f4ed@syzkaller.appspotmail.com
Fixes: e3fe0ae12962 ("crypto: dh - add public key verification test")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/crypto/dh_helper.c b/crypto/dh_helper.c
index a7de3d9c..db9b2d9 100644
--- a/crypto/dh_helper.c
+++ b/crypto/dh_helper.c

@@ -14,7 +14,7 @@
 #include <crypto/dh.h>
 #include <crypto/kpp.h>
 
-#define DH_KPP_SECRET_MIN_SIZE (sizeof(struct kpp_secret) + 3 * sizeof(int))
+#define DH_KPP_SECRET_MIN_SIZE (sizeof(struct kpp_secret) + 4 * sizeof(int))
 
 static inline u8 *dh_pack_data(void *dst, const void *src, size_t size)
 {