commit | a253662b1063c7bb866fd21afca550eb6d70b8f4 | [log] [tgz] |
---|---|---|
author | Joakim Bech <joakim.bech@linaro.org> | Fri Aug 02 09:47:19 2019 +0200 |
committer | Jérôme Forissier <jerome@forissier.org> | Wed Oct 09 17:20:30 2019 +0200 |
tree | e6881ec253a0665cc61a32911e978399f8f50914 | |
parent | c4108ef5980e9cc9a33a2c13ea682f210836b9eb [diff] |
ltc: check range in _rijndael_ecb_ functions There is no check that the 'skey' structure has been properly initialized. For example, the skey->rijndael.Nr is assumed to contain a positive number corresponding to the number of AES rounds to perform. In _rijndael_ecb_encrypt the skey->rijndael.Nr is subtracted by two, which can result in an integer underflow if the structure hasn't been initialized correctly. By clamping the value for skey->rijndael.Nr into the valid rounds for AES we can return an error instead of ending up reading outside the boundaries (of skey->rijndael.eK). Patch manually picked from [1]. Link: [1] https://github.com/libtom/libtomcrypt/commit/7b4a5c1dcf2803e9c6cbcbc2458db9317e6fb8ca Signed-off-by: Joakim Bech <joakim.bech@linaro.org> Tested-by: Joakim Bech <joakim.bech@linaro.org> (QEMU v7) Reported-by: Martijn Bogaard <bogaard@riscure.com> Acked-by: Jerome Forissier <jerome@forissier.org>
This git contains source code for the secure side implementation of OP-TEE project.
All official OP-TEE documentation has moved to http://optee.readthedocs.io.
// OP-TEE core maintainers