Commit 54bb290b authored by Matt Mackall's avatar Matt Mackall Committed by Chris Wright

[PATCH] random: fix error in entropy extraction (CVE-2007-2453 1 of 2)

Fix cast error in entropy extraction.
Add comments explaining the magic 16.
Remove extra confusing loop variable.
Signed-off-by: default avatarMatt Mackall <mpm@selenic.com>
Acked-by: default avatar"Theodore Ts'o" <tytso@mit.edu>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: default avatarChris Wright <chrisw@sous-sol.org>
parent fcfbb42b
...@@ -760,7 +760,7 @@ static size_t account(struct entropy_store *r, size_t nbytes, int min, ...@@ -760,7 +760,7 @@ static size_t account(struct entropy_store *r, size_t nbytes, int min,
static void extract_buf(struct entropy_store *r, __u8 *out) static void extract_buf(struct entropy_store *r, __u8 *out)
{ {
int i, x; int i;
__u32 data[16], buf[5 + SHA_WORKSPACE_WORDS]; __u32 data[16], buf[5 + SHA_WORKSPACE_WORDS];
sha_init(buf); sha_init(buf);
...@@ -772,9 +772,11 @@ static void extract_buf(struct entropy_store *r, __u8 *out) ...@@ -772,9 +772,11 @@ static void extract_buf(struct entropy_store *r, __u8 *out)
* attempts to find previous ouputs), unless the hash * attempts to find previous ouputs), unless the hash
* function can be inverted. * function can be inverted.
*/ */
for (i = 0, x = 0; i < r->poolinfo->poolwords; i += 16, x+=2) { for (i = 0; i < r->poolinfo->poolwords; i += 16) {
sha_transform(buf, (__u8 *)r->pool+i, buf + 5); /* hash blocks of 16 words = 512 bits */
add_entropy_words(r, &buf[x % 5], 1); sha_transform(buf, (__u8 *)(r->pool + i), buf + 5);
/* feed back portion of the resulting hash */
add_entropy_words(r, &buf[i % 5], 1);
} }
/* /*
...@@ -782,7 +784,7 @@ static void extract_buf(struct entropy_store *r, __u8 *out) ...@@ -782,7 +784,7 @@ static void extract_buf(struct entropy_store *r, __u8 *out)
* portion of the pool while mixing, and hash one * portion of the pool while mixing, and hash one
* final time. * final time.
*/ */
__add_entropy_words(r, &buf[x % 5], 1, data); __add_entropy_words(r, &buf[i % 5], 1, data);
sha_transform(buf, (__u8 *)data, buf + 5); sha_transform(buf, (__u8 *)data, buf + 5);
/* /*
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment