Page MenuHomeFreeBSD
Differential D33474

aesni: Fix yet another out-of-bounds read
ClosedPublic
Actions

Authored by markj on Dec 15 2021, 5:20 PM.
Tags
None
Referenced Files
F86100204: D33474.diff
Sat, Jun 15, 11:12 AM
Unknown Object (File)
Fri, Jun 7, 8:45 PM
Unknown Object (File)
Fri, May 31, 8:24 AM
Unknown Object (File)
Thu, May 23, 3:01 AM
Unknown Object (File)
Tue, May 21, 7:52 AM
Unknown Object (File)
May 8 2024, 9:01 AM
Unknown Object (File)
May 4 2024, 9:31 PM
Unknown Object (File)
Apr 22 2024, 3:32 AM
View All 60 Files
Subscribers
imp
jmg

Details

Reviewers
jhb
cem
Commits
rG4a61d8ef42cb: aesni: Fix an out-of-bounds read in AES_GCM_decrypt()
Summary

This is the same as 4285655adb74 ("aesni: Avoid a potential
out-of-bounds load in AES_GCM_encrypt()") except for the decryption
path. I failed to notice this last time since I assumed that encryption
and decryption use the same routine, like the CTR mode implementation
does.

Reported by: Jenkins (KASAN job)

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
No Lint Coverage
Unit
No Test Coverage
Build Status
Buildable 43389
Build 40277: arc lint + arc unit

Event Timeline

markj created this revision.Dec 15 2021, 5:20 PM
Herald added subscribers: jmg, imp. · View Herald TranscriptDec 15 2021, 5:20 PM
markj requested review of this revision.Dec 15 2021, 5:20 PM
Harbormaster completed remote builds in B43381: Diff 100084.Dec 15 2021, 5:20 PM
cem added a comment.Dec 15 2021, 6:02 PM

LGTM modulo overflow concern and what looks like a typo.

sys/crypto/aesni/aesni_ghash.c
793

Is this correct if nbytes was > 2GB? nbytes is a uint32 but resid is (signed) integer.

806

typo

jhb added inline comments.Dec 15 2021, 7:56 PM
sys/crypto/aesni/aesni_ghash.c
793

I think it still happens to work. Note that OCF itself can only describe buffers up to 2GB anyway (crp_payload_length is an int I think?)

markj updated this revision to Diff 100096.Dec 15 2021, 7:59 PM
markj marked 3 inline comments as done.

Drop the use of resid entirely, this is consistent with AES_GCM_encrypt() anyway.

Harbormaster completed remote builds in B43389: Diff 100096.Dec 15 2021, 7:59 PM
cem accepted this revision.Dec 15 2021, 8:03 PM
This revision is now accepted and ready to land.Dec 15 2021, 8:03 PM
Closed by commit rG4a61d8ef42cb: aesni: Fix an out-of-bounds read in AES_GCM_decrypt() (authored by markj). · Explain WhyDec 16 2021, 2:21 PM
This revision was automatically updated to reflect the committed changes.
markj added a commit: rG4a61d8ef42cb: aesni: Fix an out-of-bounds read in AES_GCM_decrypt().

Revision Contents
Changeset List

PathSize
sys/
crypto/
aesni/
7 lines

Diff 100096

View Options

sys/crypto/aesni/aesni_ghash.c

Loading...