* [PATCH] crypto: drbg: check blocklen is non zero
@ 2020-08-02 17:12 trix
2020-08-02 18:29 ` Stephan Mueller
2020-08-20 7:15 ` Herbert Xu
0 siblings, 2 replies; 5+ messages in thread
From: trix @ 2020-08-02 17:12 UTC (permalink / raw)
To: herbert, davem, smueller; +Cc: linux-crypto, linux-kernel, Tom Rix
From: Tom Rix <trix@redhat.com>
Clang static analysis reports this error
crypto/drbg.c:441:40: warning: Division by zero
padlen = (inputlen + sizeof(L_N) + 1) % (drbg_blocklen(drbg));
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~
When drbg_bocklen fails it returns 0.
if (drbg && drbg->core)
return drbg->core->blocklen_bytes;
return 0;
In many places in drbg_ctr_df drbg_bocklen is assumed to be non zero.
So turn the assumption into a check.
Fixes: 541af946fe13 ("crypto: drbg - SP800-90A Deterministic Random Bit Generator")
Signed-off-by: Tom Rix <trix@redhat.com>
---
crypto/drbg.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/crypto/drbg.c b/crypto/drbg.c
index e99fe34cfa00..bd9a137e5473 100644
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -420,6 +420,9 @@ static int drbg_ctr_df(struct drbg_state *drbg,
size_t inputlen = 0;
struct drbg_string *seed = NULL;
+ if (!drbg_blocklen(drbg))
+ return -EINVAL;
+
memset(pad, 0, drbg_blocklen(drbg));
memset(iv, 0, drbg_blocklen(drbg));
--
2.18.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] crypto: drbg: check blocklen is non zero
2020-08-02 17:12 [PATCH] crypto: drbg: check blocklen is non zero trix
@ 2020-08-02 18:29 ` Stephan Mueller
2020-08-20 7:15 ` Herbert Xu
1 sibling, 0 replies; 5+ messages in thread
From: Stephan Mueller @ 2020-08-02 18:29 UTC (permalink / raw)
To: herbert, davem, trix; +Cc: linux-crypto, linux-kernel, Tom Rix
Am Sonntag, 2. August 2020, 19:12:47 CEST schrieb trix@redhat.com:
Hi Tom,
> From: Tom Rix <trix@redhat.com>
>
> Clang static analysis reports this error
>
> crypto/drbg.c:441:40: warning: Division by zero
> padlen = (inputlen + sizeof(L_N) + 1) % (drbg_blocklen(drbg));
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~
>
> When drbg_bocklen fails it returns 0.
>
> if (drbg && drbg->core)
> return drbg->core->blocklen_bytes;
> return 0;
>
> In many places in drbg_ctr_df drbg_bocklen is assumed to be non zero.
> So turn the assumption into a check.
>
> Fixes: 541af946fe13 ("crypto: drbg - SP800-90A Deterministic Random Bit
> Generator")
>
> Signed-off-by: Tom Rix <trix@redhat.com>
Thank you.
Reviewed-by: Stephan Mueller <smueller@chronox.de>
Ciao
Stephan
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] crypto: drbg: check blocklen is non zero
2020-08-02 17:12 [PATCH] crypto: drbg: check blocklen is non zero trix
2020-08-02 18:29 ` Stephan Mueller
@ 2020-08-20 7:15 ` Herbert Xu
2020-08-20 13:27 ` Tom Rix
1 sibling, 1 reply; 5+ messages in thread
From: Herbert Xu @ 2020-08-20 7:15 UTC (permalink / raw)
To: trix; +Cc: davem, smueller, linux-crypto, linux-kernel
On Sun, Aug 02, 2020 at 10:12:47AM -0700, trix@redhat.com wrote:
> From: Tom Rix <trix@redhat.com>
>
> Clang static analysis reports this error
>
> crypto/drbg.c:441:40: warning: Division by zero
> padlen = (inputlen + sizeof(L_N) + 1) % (drbg_blocklen(drbg));
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~
>
> When drbg_bocklen fails it returns 0.
>
> if (drbg && drbg->core)
> return drbg->core->blocklen_bytes;
> return 0;
Yes but it can only fail if the drbg is not instantiated. If
you're hitting the generate path with an uninstantiated drbg you've
got bigger problems than a divide by zero.
So how is this even possible?
Cheers,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] crypto: drbg: check blocklen is non zero
2020-08-20 7:15 ` Herbert Xu
@ 2020-08-20 13:27 ` Tom Rix
2020-08-20 20:06 ` Herbert Xu
0 siblings, 1 reply; 5+ messages in thread
From: Tom Rix @ 2020-08-20 13:27 UTC (permalink / raw)
To: Herbert Xu; +Cc: davem, smueller, linux-crypto, linux-kernel
There are many divide by 0 reports. This one got attention because it is in crypto, where i believe problems, even false positives, should be fixed.
Tom
On 8/20/20 12:15 AM, Herbert Xu wrote:
> On Sun, Aug 02, 2020 at 10:12:47AM -0700, trix@redhat.com wrote:
>> From: Tom Rix <trix@redhat.com>
>>
>> Clang static analysis reports this error
>>
>> crypto/drbg.c:441:40: warning: Division by zero
>> padlen = (inputlen + sizeof(L_N) + 1) % (drbg_blocklen(drbg));
>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~
>>
>> When drbg_bocklen fails it returns 0.
>>
>> if (drbg && drbg->core)
>> return drbg->core->blocklen_bytes;
>> return 0;
> Yes but it can only fail if the drbg is not instantiated. If
> you're hitting the generate path with an uninstantiated drbg you've
> got bigger problems than a divide by zero.
>
> So how is this even possible?
>
> Cheers,
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] crypto: drbg: check blocklen is non zero
2020-08-20 13:27 ` Tom Rix
@ 2020-08-20 20:06 ` Herbert Xu
0 siblings, 0 replies; 5+ messages in thread
From: Herbert Xu @ 2020-08-20 20:06 UTC (permalink / raw)
To: Tom Rix; +Cc: davem, smueller, linux-crypto, linux-kernel
On Thu, Aug 20, 2020 at 06:27:36AM -0700, Tom Rix wrote:
> There are many divide by 0 reports. This one got attention because it is in crypto, where i believe problems, even false positives, should be fixed.
Please don't top post.
AS your bug report is a false positive I'm rejecting your patch.
Cheers,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-08-20 20:07 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-08-02 17:12 [PATCH] crypto: drbg: check blocklen is non zero trix
2020-08-02 18:29 ` Stephan Mueller
2020-08-20 7:15 ` Herbert Xu
2020-08-20 13:27 ` Tom Rix
2020-08-20 20:06 ` Herbert Xu
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).