d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

aesni: Fix an out-of-bounds read in AES_GCM_decrypt()

Browse Source 
This is the same as 4285655adb ("aesni: Avoid a potential
out-of-bounds load in AES_GCM_encrypt()") except for the decryption
path.

Reported by:	Jenkins (KASAN job)
Reviewed by:	cem
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D33474
This commit is contained in:
Mark Johnston 2021-12-16 09:08:16 -05:00
parent 014f98b119
commit 4a61d8ef42
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
sys/crypto/aesni/aesni_ghash.c
View File

@ -799,8 +799,9 @@ AES_GCM_decrypt(const unsigned char *in, unsigned char *out,
}
tmp1 = _mm_aesenc_si128(tmp1, KEY[nr-1]);
tmp1 = _mm_aesenclast_si128(tmp1, KEY[nr]);
tmp1 = _mm_xor_si128(tmp1,
_mm_loadu_si128(&((const __m128i *)in)[k]));
last_block = _mm_setzero_si128();
memcpy(&last_block, &((const __m128i *)in)[k], nbytes%16);
tmp1 = _mm_xor_si128(tmp1, last_block);
last_block = tmp1;
for (j=0; j<nbytes%16; j++)
out[k*16+j] = ((unsigned char*)&last_block)[j];