179b21e8b1
When a caller passes in a uio or mbuf chain that is longer than crd_len, in
tandem with a transform that supports the multi-block interface,
swcr_encdec() would process the entire mbuf or uio instead of just the
portion indicated by crd_len (+ crd_skip).
De/encryption are performed in-place, so this would trash subsequent uio or
mbuf contents.
This was introduced in r331639 (mea culpa). It only affects the
{de,en}crypt_multi() family of interfaces. That interface only has one
consumer transform in-tree (for now): Chacha20.
PR: 227605
Submitted by: Valentin Vergez <valentin.vergez AT stormshield.eu>
|
||
|---|---|---|
| .. | ||
| cast.c | ||
| cast.h | ||
| castsb.h | ||
| criov.c | ||
| crypto.c | ||
| cryptodeflate.c | ||
| cryptodev_if.m | ||
| cryptodev.c | ||
| cryptodev.h | ||
| cryptosoft.c | ||
| cryptosoft.h | ||
| deflate.h | ||
| gfmult.c | ||
| gfmult.h | ||
| gmac.c | ||
| gmac.h | ||
| rmd160.c | ||
| rmd160.h | ||
| skipjack.c | ||
| skipjack.h | ||
| xform_aes_icm.c | ||
| xform_aes_xts.c | ||
| xform_auth.h | ||
| xform_blf.c | ||
| xform_cast5.c | ||
| xform_cml.c | ||
| xform_comp.h | ||
| xform_deflate.c | ||
| xform_des1.c | ||
| xform_des3.c | ||
| xform_enc.h | ||
| xform_gmac.c | ||
| xform_md5.c | ||
| xform_null.c | ||
| xform_rijndael.c | ||
| xform_rmd160.c | ||
| xform_sha1.c | ||
| xform_sha2.c | ||
| xform_skipjack.c | ||
| xform_userland.h | ||
| xform.c | ||
| xform.h | ||