[feisty][PATCH] random-fix-error-in-entropy-extrac: msg#00006

>From a776f4bfa903f8408c6421ceb11432bbec1f03f5 Mon Sep 17 00:00:00 2001
From: Matt Mackall <mpm@xxxxxxxxxxx>
Date: Tue, 29 May 2007 21:54:27 -0500
Subject: [PATCH] random: fix error in entropy extraction (CVE-2007-2453)

Fix cast error in entropy extraction.
Add comments explaining the magic 16.
Remove extra confusing loop variable.

Signed-off-by: Matt Mackall <mpm@xxxxxxxxxxx>
Acked-by: "Theodore Ts'o" <tytso@xxxxxxx>
Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
(cherry picked from commit 602b6aeefe8932dd8bb15014e8fe6bb25d736361)
---
 drivers/char/random.c |   12 +++++++-----
 1 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/drivers/char/random.c b/drivers/char/random.c
index 13d0b13..c7f6093 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -760,7 +760,7 @@ static size_t account(struct entropy_store *r, size_t 
nbytes, int min,
 
 static void extract_buf(struct entropy_store *r, __u8 *out)
 {
-       int i, x;
+       int i;
        __u32 data[16], buf[5 + SHA_WORKSPACE_WORDS];
 
        sha_init(buf);
@@ -772,9 +772,11 @@ static void extract_buf(struct entropy_store *r, __u8 *out)
         * attempts to find previous ouputs), unless the hash
         * function can be inverted.
         */
-       for (i = 0, x = 0; i < r->poolinfo->poolwords; i += 16, x+=2) {
-               sha_transform(buf, (__u8 *)r->pool+i, buf + 5);
-               add_entropy_words(r, &buf[x % 5], 1);
+       for (i = 0; i < r->poolinfo->poolwords; i += 16) {
+               /* hash blocks of 16 words = 512 bits */
+               sha_transform(buf, (__u8 *)(r->pool + i), buf + 5);
+               /* feed back portion of the resulting hash */
+               add_entropy_words(r, &buf[i % 5], 1);
        }
 
        /*
@@ -782,7 +784,7 @@ static void extract_buf(struct entropy_store *r, __u8 *out)
         * portion of the pool while mixing, and hash one
         * final time.
         */
-       __add_entropy_words(r, &buf[x % 5], 1, data);
+       __add_entropy_words(r, &buf[i % 5], 1, data);
        sha_transform(buf, (__u8 *)data, buf + 5);
 
        /*
-- 
1.4.4.2

<Prev in Thread]	Current Thread	[Next in Thread>

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	[feisty][PATCH] CRYPTO-geode-Fix-in-place-operations-and-set-key (CVE-2007-2451), Phillip lougher
Next by Date:	[feisty][PATCH] random-fix-error-in-entropy-extraction (CVE-2007-2453), Phillip lougher
Previous by Thread:	[feisty][PATCH] CRYPTO-geode-Fix-in-place-operations-and-set-key (CVE-2007-2451), Phillip lougher
Next by Thread:	[feisty][PATCH] random-fix-error-in-entropy-extraction (CVE-2007-2453), Phillip lougher
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

[feisty][PATCH] CRYPTO-geode-Fix-in-place-operations-and-set-key (CVE-2007-2451), Phillip lougher

Next by Date:

[feisty][PATCH] random-fix-error-in-entropy-extraction (CVE-2007-2453), Phillip lougher

Previous by Thread:

[feisty][PATCH] CRYPTO-geode-Fix-in-place-operations-and-set-key (CVE-2007-2451), Phillip lougher

Next by Thread:

[feisty][PATCH] random-fix-error-in-entropy-extraction (CVE-2007-2453), Phillip lougher

Indexes:

[Date] [Thread] [Top] [All Lists]

Free Magazines

Systems Management News, the newspaper for IT systems administration and data center managers! Each issue of Systems Management News is chock-full of news and analysis to help you understand what's happening in your field.
subscribe

The Enterprise Newsweekly eWeek is the essential technology information source for builders of e-business.
subscribe

Oracle Magazine Oracle Magazine contains technology strategy articles, sample code, tips, Oracle and partner news, how to articles for developers and DBAs, and more. Oracle (NASDAQ: ORCL) is the world's largest enterprise software company.
subscribe

Total Telecom Total Telecom is "The Economist of the communications industry".
subscribe

[feisty][PATCH] random-fix-error-in-entropy-extraction (CVE-2007-2453): msg#00006

Free Magazines