check range in _rijndael_ecb_ functions #493
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
There is no check that the 'skey' structure has been properly initialized. For example, the skey->rijndael.Nr is assumed to contain a positive number corresponding to the number of AES rounds to perform. In _rijndael_ecb_encrypt the skey->rijndael.Nr is subtracted by two, which can result in an integer underflow if the structure hasn't been initialized correctly. By clamping the value for skey->rijndael.Nr into the valid rounds for AES we can return an error instead of ending up reading outside the boundaries (of skey->rijndael.eK). Signed-off-by: Joakim Bech <joakim.bech@linaro.org> Reported-by: Martijn Bogaard <bogaard@riscure.com>
|
All Travis errors seems to be related to |
sjaeckel
added a commit
that referenced
this pull request
Oct 2, 2019
Inspired by #493 of @jbech-linaro I reviewed all blockciphers for similar patterns.
sjaeckel
added a commit
that referenced
this pull request
Oct 8, 2019
Inspired by #493 of @jbech-linaro I reviewed all blockciphers for similar patterns. Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
sjaeckel
added a commit
that referenced
this pull request
Oct 11, 2019
Inspired by #493 of @jbech-linaro I reviewed all blockciphers for similar patterns. Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
sjaeckel
added a commit
that referenced
this pull request
Oct 12, 2019
Inspired by #493 of @jbech-linaro I reviewed all blockciphers for similar patterns. Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There is no check that the 'skey' structure has been properly
initialized. For example, the skey->rijndael.Nr is assumed to contain a
positive number corresponding to the number of AES rounds to perform. In
_rijndael_ecb_encrypt the skey->rijndael.Nr is subtracted by two, which
can result in an integer underflow if the structure hasn't been
initialized correctly.
By clamping the value for skey->rijndael.Nr into the valid rounds for
AES we can return an error instead of ending up reading outside the
boundaries (of skey->rijndael.eK).
I've also been running the tests
And I couldn't spot any errors, full log can be found here.