freebsd-dev

History

John Baldwin db631975fe Don't overflow the ipad[] array when clearing the remainder. After the auth key is copied into the ipad[] array, any remaining bytes are cleared to zero (in case the key is shorter than one block size). The full block size was used as the length of the zero rather than the size of the remaining ipad[]. In practice this overflow was harmless as it could only clear bytes in the following opad[] array which is initialized with a copy of ipad[] in the next statement. Sponsored by: Chelsio Communications	2018-02-26 22:17:27 +00:00
..
t4_crypto.c	Don't overflow the ipad[] array when clearing the remainder.	2018-02-26 22:17:27 +00:00
t4_crypto.h

John Baldwin db631975fe Don't overflow the ipad[] array when clearing the remainder.

After the auth key is copied into the ipad[] array, any remaining bytes
are cleared to zero (in case the key is shorter than one block size).
The full block size was used as the length of the zero rather than the
size of the remaining ipad[].  In practice this overflow was harmless as
it could only clear bytes in the following opad[] array which is
initialized with a copy of ipad[] in the next statement.

Sponsored by:	Chelsio Communications

2018-02-26 22:17:27 +00:00

t4_crypto.c

Don't overflow the ipad[] array when clearing the remainder.

2018-02-26 22:17:27 +00:00

t4_crypto.h