Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S932452AbcKGNci (ORCPT ); Mon, 7 Nov 2016 08:32:38 -0500
Received: from mx2.suse.de ([195.135.220.15]:40598 "EHLO mx2.suse.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1752833AbcKGNa5 (ORCPT ); Mon, 7 Nov 2016 08:30:57 -0500
X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: "References"
From: Jiri Slaby
To: stable@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, Ondrej Mosnáček, Herbert Xu, Jiri Slaby
Subject: [PATCH 3.12 65/72] crypto: gcm - Fix IV buffer size in crypto_gcm_setkey
Date: Mon, 7 Nov 2016 14:30:45 +0100
Message-Id: <666eaadbb7007f0e93e60da4b03f4e3ac3273a7e.1478525307.git.jslaby@suse.cz>
X-Mailer: git-send-email 2.10.2
In-Reply-To: <7c0dfa3b2ea712bd2cc6343445f263815b81918f.1478525307.git.jslaby@suse.cz>
References: <7c0dfa3b2ea712bd2cc6343445f263815b81918f.1478525307.git.jslaby@suse.cz>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1181
Lines: 37

From: Ondrej Mosnáček

3.12-stable review patch. If anyone has any objections, please let me know.

===============

commit 50d2e6dc1f83db0563c7d6603967bf9585ce934b upstream.

The cipher block size for GCM is 16 bytes, and thus the CTR transform used in crypto_gcm_setkey() will also expect a 16-byte IV. However, the code currently reserves only 8 bytes for the IV, causing an out-of-bounds access in the CTR transform. This patch fixes the issue by setting the size of the IV buffer to 16 bytes.

Fixes: 84c911523020 ("[CRYPTO] gcm: Add support for async ciphers")
Signed-off-by: Ondrej Mosnacek
Signed-off-by: Herbert Xu
Signed-off-by: Jiri Slaby

--- crypto/gcm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/gcm.c b/crypto/gcm.c index d2a0f7371cf0..49b6fb20cceb 100644
--- a/crypto/gcm.c +++ b/crypto/gcm.c @@ -109,7 +109,7 @@ static int crypto_gcm_setkey(struct crypto_aead *aead, const u8 *key, struct crypto_ablkcipher *ctr = ctx->ctr; struct { be128 hash; - u8 iv[8]; + u8 iv[16]; struct crypto_gcm_setkey_result result; -- 2.10.2
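
Review bot: the new size in `u8 iv[16];` is a bare literal with nothing at the declaration saying why it must be 16. Per the commit message the requirement comes from the CTR transform held in `ctx->ctr`, which expects an IV of the cipher block size, so the array would be better sized with a named block-size constant, or at minimum carry a one-line comment stating that it must cover the CTR IV. Since the struct places `struct crypto_gcm_setkey_result result` directly after `iv`, an undersized buffer lets the IV access run into that member; a defensive check in crypto_gcm_setkey() that crypto_ablkcipher_ivsize(ctr) does not exceed the size of this buffer would turn any future mismatch into an error return instead of an out-of-bounds access.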