crypto: x86/aesni-gcm - fix crash on empty plaintext
commit 3af349639597fea582a93604734d717e59a0e223 upstream.
gcmaes_crypt_by_sg() dereferences the NULL pointer returned by
scatterwalk_ffwd() when encrypting an empty plaintext and the source
scatterlist ends immediately after the associated data.
Fix it by only fast-forwarding to the src/dst data scatterlists if the
data length is nonzero.
This bug is reproduced by the "rfc4543(gcm(aes))" test vectors when run
with the new AEAD test manager.
Fixes: e845520707
("crypto: aesni - Update aesni-intel_glue to use scatter/gather")
Cc: <stable@vger.kernel.org> # v4.17+
Cc: Dave Watson <davejwatson@fb.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
parent
5d2a5172ca
commit
8a9fcf4a9f
1 changed files with 8 additions and 5 deletions
|
@ -830,11 +830,14 @@ static int gcmaes_crypt_by_sg(bool enc, struct aead_request *req,
|
||||||
scatterwalk_map_and_copy(assoc, req->src, 0, assoclen, 0);
|
scatterwalk_map_and_copy(assoc, req->src, 0, assoclen, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
src_sg = scatterwalk_ffwd(src_start, req->src, req->assoclen);
|
if (left) {
|
||||||
scatterwalk_start(&src_sg_walk, src_sg);
|
src_sg = scatterwalk_ffwd(src_start, req->src, req->assoclen);
|
||||||
if (req->src != req->dst) {
|
scatterwalk_start(&src_sg_walk, src_sg);
|
||||||
dst_sg = scatterwalk_ffwd(dst_start, req->dst, req->assoclen);
|
if (req->src != req->dst) {
|
||||||
scatterwalk_start(&dst_sg_walk, dst_sg);
|
dst_sg = scatterwalk_ffwd(dst_start, req->dst,
|
||||||
|
req->assoclen);
|
||||||
|
scatterwalk_start(&dst_sg_walk, dst_sg);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
kernel_fpu_begin();
|
kernel_fpu_begin();
|
||||||
|
|
Loading…
Reference in a new issue