summaryrefslogtreecommitdiff
path: root/crypto
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2024-01-29 22:17:11 +0800
committerHerbert Xu <herbert@gondor.apana.org.au>2024-02-02 18:08:12 +0800
commit69fba378edcaffba7bc7d299fdee02e377069d30 (patch)
tree1bf3f44c04f434bb895b12e0cd9b56ec0a8363b1 /crypto
parentccb88e9549e7cfd8bcd511c538f437e20026e983 (diff)
downloadlwn-69fba378edcaffba7bc7d299fdee02e377069d30.tar.gz
lwn-69fba378edcaffba7bc7d299fdee02e377069d30.zip
crypto: cbc - Ensure statesize is zero
The cbc template should not be applied on stream ciphers, especially ones that have internal state. Enforce this by checking the state size when the instance is created. Reported-by: syzbot+050eeedd6c285d8c42f2@syzkaller.appspotmail.com Fixes: 47309ea13591 ("crypto: arc4 - Add internal state") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto')
-rw-r--r--crypto/cbc.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/crypto/cbc.c b/crypto/cbc.c
index eedddef9ce40..e81918ca68b7 100644
--- a/crypto/cbc.c
+++ b/crypto/cbc.c
@@ -148,6 +148,9 @@ static int crypto_cbc_create(struct crypto_template *tmpl, struct rtattr **tb)
if (!is_power_of_2(inst->alg.co.base.cra_blocksize))
goto out_free_inst;
+ if (inst->alg.co.statesize)
+ goto out_free_inst;
+
inst->alg.encrypt = crypto_cbc_encrypt;
inst->alg.decrypt = crypto_cbc_decrypt;