aesni: Fix an out-of-bounds read in AES_GCM_decrypt()
This is the same as 4285655adb
("aesni: Avoid a potential
out-of-bounds load in AES_GCM_encrypt()") except for the decryption
path.
Reported by: Jenkins (KASAN job)
Reviewed by: cem
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33474
This commit is contained in:
parent
014f98b119
commit
4a61d8ef42
@ -799,8 +799,9 @@ AES_GCM_decrypt(const unsigned char *in, unsigned char *out,
|
||||
}
|
||||
tmp1 = _mm_aesenc_si128(tmp1, KEY[nr-1]);
|
||||
tmp1 = _mm_aesenclast_si128(tmp1, KEY[nr]);
|
||||
tmp1 = _mm_xor_si128(tmp1,
|
||||
_mm_loadu_si128(&((const __m128i *)in)[k]));
|
||||
last_block = _mm_setzero_si128();
|
||||
memcpy(&last_block, &((const __m128i *)in)[k], nbytes%16);
|
||||
tmp1 = _mm_xor_si128(tmp1, last_block);
|
||||
last_block = tmp1;
|
||||
for (j=0; j<nbytes%16; j++)
|
||||
out[k*16+j] = ((unsigned char*)&last_block)[j];
|
||||
|
Loading…
Reference in New Issue
Block a user