diff options
| author | jsing <> | 2015-10-21 16:36:50 +0000 |
|---|---|---|
| committer | jsing <> | 2015-10-21 16:36:50 +0000 |
| commit | 8e683fccb8989afc1e9e74f5dc0a49b5a0275ec3 (patch) | |
| tree | d9ddeefeaea4e28bd9fe864f51bf2a6bfef681f5 | |
| parent | ef26ca54172e50b3204589c7474e95b12345d711 (diff) | |
| download | openbsd-8e683fccb8989afc1e9e74f5dc0a49b5a0275ec3.tar.gz openbsd-8e683fccb8989afc1e9e74f5dc0a49b5a0275ec3.tar.bz2 openbsd-8e683fccb8989afc1e9e74f5dc0a49b5a0275ec3.zip | |
In the case where len is not a multiple of sizeof(RC4_CHUNK) the RC4 code
will end up doing a read and write of up to 7 bytes beyond the specified
length. This is effectively a non-issue since we read and write back the
same data and due to alignment it is within a page boundary.
Regardless, avoid this by removing the "special" handling for the remaining
length and allow the standard (non-chunk) code to process the remaining
bytes, which does not result in overrun.
Reported by Pascal Cuoq <cuoq at trust-in-soft.com> - thanks!
ok beck@ miod@
| -rw-r--r-- | src/lib/libcrypto/rc4/rc4_enc.c | 64 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/rc4/rc4_enc.c | 64 |
2 files changed, 2 insertions, 126 deletions
diff --git a/src/lib/libcrypto/rc4/rc4_enc.c b/src/lib/libcrypto/rc4/rc4_enc.c index 57975a95ae..4dacf3f708 100644 --- a/src/lib/libcrypto/rc4/rc4_enc.c +++ b/src/lib/libcrypto/rc4/rc4_enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rc4_enc.c,v 1.14 2015/10/20 15:50:13 jsing Exp $ */ | 1 | /* $OpenBSD: rc4_enc.c,v 1.15 2015/10/21 16:36:50 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -168,37 +168,6 @@ RC4(RC4_KEY *key, size_t len, const unsigned char *indata, | |||
| 168 | indata += sizeof(RC4_CHUNK); | 168 | indata += sizeof(RC4_CHUNK); |
| 169 | outdata += sizeof(RC4_CHUNK); | 169 | outdata += sizeof(RC4_CHUNK); |
| 170 | } | 170 | } |
| 171 | if (len) { | ||
| 172 | RC4_CHUNK mask = (RC4_CHUNK) - 1, ochunk; | ||
| 173 | |||
| 174 | ichunk = *(RC4_CHUNK *)indata; | ||
| 175 | ochunk = *(RC4_CHUNK *)outdata; | ||
| 176 | otp = 0; | ||
| 177 | i = BESHFT(0); | ||
| 178 | mask <<= (sizeof(RC4_CHUNK) - len) << 3; | ||
| 179 | switch (len & (sizeof(RC4_CHUNK) - 1)) { | ||
| 180 | case 7: | ||
| 181 | otp = RC4_STEP << i, i -= 8; | ||
| 182 | case 6: | ||
| 183 | otp |= RC4_STEP << i, i -= 8; | ||
| 184 | case 5: | ||
| 185 | otp |= RC4_STEP << i, i -= 8; | ||
| 186 | case 4: | ||
| 187 | otp |= RC4_STEP << i, i -= 8; | ||
| 188 | case 3: | ||
| 189 | otp |= RC4_STEP << i, i -= 8; | ||
| 190 | case 2: | ||
| 191 | otp |= RC4_STEP << i, i -= 8; | ||
| 192 | case 1: | ||
| 193 | otp |= RC4_STEP << i, i -= 8; | ||
| 194 | } | ||
| 195 | ochunk &= ~mask; | ||
| 196 | ochunk |= (otp ^ ichunk) & mask; | ||
| 197 | *(RC4_CHUNK *)outdata = ochunk; | ||
| 198 | } | ||
| 199 | key->x = x; | ||
| 200 | key->y = y; | ||
| 201 | return; | ||
| 202 | } else { /* LITTLE-ENDIAN CASE */ | 171 | } else { /* LITTLE-ENDIAN CASE */ |
| 203 | # define LESHFT(c) (((c)*8)&(sizeof(RC4_CHUNK)*8-1)) | 172 | # define LESHFT(c) (((c)*8)&(sizeof(RC4_CHUNK)*8-1)) |
| 204 | for (; len & (0 - sizeof(RC4_CHUNK)); len -= sizeof(RC4_CHUNK)) { | 173 | for (; len & (0 - sizeof(RC4_CHUNK)); len -= sizeof(RC4_CHUNK)) { |
| @@ -217,37 +186,6 @@ RC4(RC4_KEY *key, size_t len, const unsigned char *indata, | |||
| 217 | indata += sizeof(RC4_CHUNK); | 186 | indata += sizeof(RC4_CHUNK); |
| 218 | outdata += sizeof(RC4_CHUNK); | 187 | outdata += sizeof(RC4_CHUNK); |
| 219 | } | 188 | } |
| 220 | if (len) { | ||
| 221 | RC4_CHUNK mask = (RC4_CHUNK) - 1, ochunk; | ||
| 222 | |||
| 223 | ichunk = *(RC4_CHUNK *)indata; | ||
| 224 | ochunk = *(RC4_CHUNK *)outdata; | ||
| 225 | otp = 0; | ||
| 226 | i = 0; | ||
| 227 | mask >>= (sizeof(RC4_CHUNK) - len) << 3; | ||
| 228 | switch (len&(sizeof(RC4_CHUNK) - 1)) { | ||
| 229 | case 7: | ||
| 230 | otp = RC4_STEP, i += 8; | ||
| 231 | case 6: | ||
| 232 | otp |= RC4_STEP << i, i += 8; | ||
| 233 | case 5: | ||
| 234 | otp |= RC4_STEP << i, i += 8; | ||
| 235 | case 4: | ||
| 236 | otp |= RC4_STEP << i, i += 8; | ||
| 237 | case 3: | ||
| 238 | otp |= RC4_STEP << i, i += 8; | ||
| 239 | case 2: | ||
| 240 | otp |= RC4_STEP << i, i += 8; | ||
| 241 | case 1: | ||
| 242 | otp |= RC4_STEP << i, i += 8; | ||
| 243 | } | ||
| 244 | ochunk &= ~mask; | ||
| 245 | ochunk |= (otp ^ ichunk) & mask; | ||
| 246 | *(RC4_CHUNK *)outdata = ochunk; | ||
| 247 | } | ||
| 248 | key->x = x; | ||
| 249 | key->y = y; | ||
| 250 | return; | ||
| 251 | } | 189 | } |
| 252 | } | 190 | } |
| 253 | #endif | 191 | #endif |
diff --git a/src/lib/libssl/src/crypto/rc4/rc4_enc.c b/src/lib/libssl/src/crypto/rc4/rc4_enc.c index 57975a95ae..4dacf3f708 100644 --- a/src/lib/libssl/src/crypto/rc4/rc4_enc.c +++ b/src/lib/libssl/src/crypto/rc4/rc4_enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rc4_enc.c,v 1.14 2015/10/20 15:50:13 jsing Exp $ */ | 1 | /* $OpenBSD: rc4_enc.c,v 1.15 2015/10/21 16:36:50 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -168,37 +168,6 @@ RC4(RC4_KEY *key, size_t len, const unsigned char *indata, | |||
| 168 | indata += sizeof(RC4_CHUNK); | 168 | indata += sizeof(RC4_CHUNK); |
| 169 | outdata += sizeof(RC4_CHUNK); | 169 | outdata += sizeof(RC4_CHUNK); |
| 170 | } | 170 | } |
| 171 | if (len) { | ||
| 172 | RC4_CHUNK mask = (RC4_CHUNK) - 1, ochunk; | ||
| 173 | |||
| 174 | ichunk = *(RC4_CHUNK *)indata; | ||
| 175 | ochunk = *(RC4_CHUNK *)outdata; | ||
| 176 | otp = 0; | ||
| 177 | i = BESHFT(0); | ||
| 178 | mask <<= (sizeof(RC4_CHUNK) - len) << 3; | ||
| 179 | switch (len & (sizeof(RC4_CHUNK) - 1)) { | ||
| 180 | case 7: | ||
| 181 | otp = RC4_STEP << i, i -= 8; | ||
| 182 | case 6: | ||
| 183 | otp |= RC4_STEP << i, i -= 8; | ||
| 184 | case 5: | ||
| 185 | otp |= RC4_STEP << i, i -= 8; | ||
| 186 | case 4: | ||
| 187 | otp |= RC4_STEP << i, i -= 8; | ||
| 188 | case 3: | ||
| 189 | otp |= RC4_STEP << i, i -= 8; | ||
| 190 | case 2: | ||
| 191 | otp |= RC4_STEP << i, i -= 8; | ||
| 192 | case 1: | ||
| 193 | otp |= RC4_STEP << i, i -= 8; | ||
| 194 | } | ||
| 195 | ochunk &= ~mask; | ||
| 196 | ochunk |= (otp ^ ichunk) & mask; | ||
| 197 | *(RC4_CHUNK *)outdata = ochunk; | ||
| 198 | } | ||
| 199 | key->x = x; | ||
| 200 | key->y = y; | ||
| 201 | return; | ||
| 202 | } else { /* LITTLE-ENDIAN CASE */ | 171 | } else { /* LITTLE-ENDIAN CASE */ |
| 203 | # define LESHFT(c) (((c)*8)&(sizeof(RC4_CHUNK)*8-1)) | 172 | # define LESHFT(c) (((c)*8)&(sizeof(RC4_CHUNK)*8-1)) |
| 204 | for (; len & (0 - sizeof(RC4_CHUNK)); len -= sizeof(RC4_CHUNK)) { | 173 | for (; len & (0 - sizeof(RC4_CHUNK)); len -= sizeof(RC4_CHUNK)) { |
| @@ -217,37 +186,6 @@ RC4(RC4_KEY *key, size_t len, const unsigned char *indata, | |||
| 217 | indata += sizeof(RC4_CHUNK); | 186 | indata += sizeof(RC4_CHUNK); |
| 218 | outdata += sizeof(RC4_CHUNK); | 187 | outdata += sizeof(RC4_CHUNK); |
| 219 | } | 188 | } |
| 220 | if (len) { | ||
| 221 | RC4_CHUNK mask = (RC4_CHUNK) - 1, ochunk; | ||
| 222 | |||
| 223 | ichunk = *(RC4_CHUNK *)indata; | ||
| 224 | ochunk = *(RC4_CHUNK *)outdata; | ||
| 225 | otp = 0; | ||
| 226 | i = 0; | ||
| 227 | mask >>= (sizeof(RC4_CHUNK) - len) << 3; | ||
| 228 | switch (len&(sizeof(RC4_CHUNK) - 1)) { | ||
| 229 | case 7: | ||
| 230 | otp = RC4_STEP, i += 8; | ||
| 231 | case 6: | ||
| 232 | otp |= RC4_STEP << i, i += 8; | ||
| 233 | case 5: | ||
| 234 | otp |= RC4_STEP << i, i += 8; | ||
| 235 | case 4: | ||
| 236 | otp |= RC4_STEP << i, i += 8; | ||
| 237 | case 3: | ||
| 238 | otp |= RC4_STEP << i, i += 8; | ||
| 239 | case 2: | ||
| 240 | otp |= RC4_STEP << i, i += 8; | ||
| 241 | case 1: | ||
| 242 | otp |= RC4_STEP << i, i += 8; | ||
| 243 | } | ||
| 244 | ochunk &= ~mask; | ||
| 245 | ochunk |= (otp ^ ichunk) & mask; | ||
| 246 | *(RC4_CHUNK *)outdata = ochunk; | ||
| 247 | } | ||
| 248 | key->x = x; | ||
| 249 | key->y = y; | ||
| 250 | return; | ||
| 251 | } | 189 | } |
| 252 | } | 190 | } |
| 253 | #endif | 191 | #endif |