Re: [PATCH] crypto: drbg: check blocklen is non zero
On Thu, Aug 20, 2020 at 06:27:36AM -0700, Tom Rix wrote:
> There are many divide by 0 reports. This one got attention because it is in
> crypto, where I believe problems, even false positives, should be fixed.

Please don't top post.

As your bug report is a false positive I'm rejecting your patch.

Cheers,
--
Email: Herbert Xu
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: [PATCH] crypto: drbg: check blocklen is non zero
There are many divide by 0 reports. This one got attention because it is in crypto, where I believe problems, even false positives, should be fixed.

Tom

On 8/20/20 12:15 AM, Herbert Xu wrote:
> On Sun, Aug 02, 2020 at 10:12:47AM -0700, t...@redhat.com wrote:
>> From: Tom Rix
>>
>> Clang static analysis reports this error
>>
>> crypto/drbg.c:441:40: warning: Division by zero
>>     padlen = (inputlen + sizeof(L_N) + 1) % (drbg_blocklen(drbg));
>>     ~^~~
>>
>> When drbg_bocklen fails it returns 0.
>>
>>     if (drbg && drbg->core)
>>         return drbg->core->blocklen_bytes;
>>     return 0;
> Yes but it can only fail if the drbg is not instantiated. If
> you're hitting the generate path with an uninstantiated drbg you've
> got bigger problems than a divide by zero.
>
> So how is this even possible?
>
> Cheers,
Re: [PATCH] crypto: drbg: check blocklen is non zero
On Sun, Aug 02, 2020 at 10:12:47AM -0700, t...@redhat.com wrote:
> From: Tom Rix
>
> Clang static analysis reports this error
>
> crypto/drbg.c:441:40: warning: Division by zero
>     padlen = (inputlen + sizeof(L_N) + 1) % (drbg_blocklen(drbg));
>     ~^~~
>
> When drbg_bocklen fails it returns 0.
>
>     if (drbg && drbg->core)
>         return drbg->core->blocklen_bytes;
>     return 0;

Yes but it can only fail if the drbg is not instantiated. If
you're hitting the generate path with an uninstantiated drbg you've
got bigger problems than a divide by zero.

So how is this even possible?

Cheers,
--
Email: Herbert Xu
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: [PATCH] crypto: drbg: check blocklen is non zero
On Sunday, 2 August 2020, 19:12:47 CEST, t...@redhat.com wrote:

Hi Tom,

> From: Tom Rix
>
> Clang static analysis reports this error
>
> crypto/drbg.c:441:40: warning: Division by zero
>     padlen = (inputlen + sizeof(L_N) + 1) % (drbg_blocklen(drbg));
>     ~^~~
>
> When drbg_bocklen fails it returns 0.
>
>     if (drbg && drbg->core)
>         return drbg->core->blocklen_bytes;
>     return 0;
>
> In many places in drbg_ctr_df drbg_bocklen is assumed to be non zero.
> So turn the assumption into a check.
>
> Fixes: 541af946fe13 ("crypto: drbg - SP800-90A Deterministic Random Bit
> Generator")
>
> Signed-off-by: Tom Rix

Thank you.

Reviewed-by: Stephan Mueller

Ciao
Stephan
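A user-space model of the pattern this thread argues about, added here as an example; it is not part of any message above and not code from the kernel tree. The struct layouts, the helper name `ctr_df_padlen`, the `ln_len` parameter (standing in for `sizeof(L_N)`), the block-fill step and the 16-byte block length are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-ins (assumption): only the fields the thread names. */
struct drbg_core  { size_t blocklen_bytes; };
struct drbg_state { const struct drbg_core *core; };

/* Same shape as the accessor quoted in the thread: 0 means "no core". */
static size_t drbg_blocklen(const struct drbg_state *drbg)
{
	if (drbg && drbg->core)
		return drbg->core->blocklen_bytes;
	return 0;
}

/* Hypothetical helper: the modulo from the warning, with the accessor
 * read once and the zero case rejected before it is used as a divisor. */
static int ctr_df_padlen(const struct drbg_state *drbg, size_t inputlen,
			 size_t ln_len, size_t *padlen)
{
	size_t blocklen = drbg_blocklen(drbg);
	size_t rem;

	if (!blocklen)
		return -EINVAL;	/* uninstantiated state: fail closed */

	rem = (inputlen + ln_len + 1) % blocklen;
	/* Assumption of this model: pad up to the next full block. */
	*padlen = rem ? blocklen - rem : 0;
	return 0;
}

int main(void)
{
	static const struct drbg_core c16 = { .blocklen_bytes = 16 }; /* constructed */
	struct drbg_state ready = { .core = &c16 };
	struct drbg_state blank = { .core = NULL };
	size_t pad = 0;
	int rc = ctr_df_padlen(&ready, 48, 8, &pad);

	printf("instantiated:   rc=%d padlen=%zu\n", rc, pad);
	rc = ctr_df_padlen(&blank, 48, 8, &pad);
	printf("uninstantiated: rc=%d\n", rc);
	return 0;
}
```

Without the `!blocklen` test, the second call would evaluate `% 0`, which is undefined behaviour in C and typically traps on x86.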
[PATCH] crypto: drbg: check blocklen is non zero
From: Tom Rix Clang static analysis reports this error crypto/drbg.c:441:40: warning: Division by zero padlen = (inputlen + sizeof(L_N) + 1) % (drbg_blocklen(drbg)); ~^~~ When drbg_bocklen fails it returns 0. if (drbg && drbg->core) return drbg->core->blocklen_bytes; return 0; In many places in drbg_ctr_df drbg_bocklen is assumed to be non zero. So turn the assumption into a check. Fixes: 541af946fe13 ("crypto: drbg - SP800-90A Deterministic Random Bit Generator") Signed-off-by: Tom Rix --- crypto/drbg.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/crypto/drbg.c b/crypto/drbg.c index e99fe34cfa00..bd9a137e5473 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -420,6 +420,9 @@ static int drbg_ctr_df(struct drbg_state *drbg, size_t inputlen = 0; struct drbg_string *seed = NULL; + if (!drbg_blocklen(drbg)) + return -EINVAL; + memset(pad, 0, drbg_blocklen(drbg)); memset(iv, 0, drbg_blocklen(drbg)); -- 2.18.1
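Review bot: the guard added at the top of drbg_ctr_df() returns -EINVAL for a state the commit message does not show to be reachable. As the quoted accessor shows, drbg_blocklen() is 0 only when drbg or drbg->core is NULL, so the message should either name a caller that can enter drbg_ctr_df() with an uninstantiated drbg or state that this is a static-analysis finding with no known runtime path, in which case the Fixes: tag is hard to justify. If the check is kept, reading drbg_blocklen(drbg) once into a local and reusing it for the two memset() calls below would avoid evaluating the accessor three times in a row. The commit message also spells the helper "drbg_bocklen" in two places; it should read drbg_blocklen.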