From 55e9dce37ddf3ab358ba1d1e9eef4ee4bd8174a6 Mon Sep 17 00:00:00 2001 From: David McCullough Date: Wed, 15 Mar 2006 21:08:51 +1100 Subject: [CRYPTO] aes: Fixed array boundary violation The AES setkey routine writes 64 bytes to the E_KEY area even though there are only 60 bytes there. It is in fact safe since E_KEY is immediately follwed by D_KEY which is initialised afterwards. However, doing this may trigger undefined behaviour and makes Coverity unhappy. So by combining E_KEY and D_KEY into one array we sidestep this issue altogether. This problem was reported by Adrian Bunk. Signed-off-by: Herbert Xu --- arch/x86_64/crypto/aes.c | 7 +++---- crypto/aes.c | 7 +++---- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/arch/x86_64/crypto/aes.c b/arch/x86_64/crypto/aes.c index fb1b961a2e2f..6f77e7700d32 100644 --- a/arch/x86_64/crypto/aes.c +++ b/arch/x86_64/crypto/aes.c @@ -77,12 +77,11 @@ static inline u8 byte(const u32 x, const unsigned n) struct aes_ctx { u32 key_length; - u32 E[60]; - u32 D[60]; + u32 buf[120]; }; -#define E_KEY ctx->E -#define D_KEY ctx->D +#define E_KEY (&ctx->buf[0]) +#define D_KEY (&ctx->buf[60]) static u8 pow_tab[256] __initdata; static u8 log_tab[256] __initdata; diff --git a/crypto/aes.c b/crypto/aes.c index 0a6a5c143686..a5017292e066 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -75,12 +75,11 @@ byte(const u32 x, const unsigned n) struct aes_ctx { int key_length; - u32 E[60]; - u32 D[60]; + u32 buf[120]; }; -#define E_KEY ctx->E -#define D_KEY ctx->D +#define E_KEY (&ctx->buf[0]) +#define D_KEY (&ctx->buf[60]) static u8 pow_tab[256] __initdata; static u8 log_tab[256] __initdata; -- cgit v1.2.3