On So 11-03-06 13:41:16, Herbert Xu wrote:
> On Sat, Mar 11, 2006 at 02:03:39AM +0100, Adrian Bunk wrote:
> >
> > ...
> > #define loop8(i) \
>
> ...
>
> > t ^= E_KEY[8 * i + 7]; E_KEY[8 * i + 15] = t; \
> > }
> >
> > static int
> > aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32
> > *flags)
> > {
> > ...
> > case 32:
> > ...
> > for (i = 0; i < 7; ++i)
> > loop8 (i);
>
> OK this is not pretty but it is actually correct. Notice how we only
~~~~~~~~~~~~~~~~~
> overstep the mark for E_KEY but never for D_KEY. Since D_KEY is only
> initialised after this, it is OK for us to trash the start of D_KEY.
>
> It's just a trick that makes the code slightly nicer (and no I didn't
> write this nor am I necessarily condoning it :)
Overstepping array is not correct C. Even if gcc lays it out in order
where array-to-be-thrashed is after it, so it works in practice, it is
not okay. [Some kind of security-hardened-gcc may stop this as buffer
overflow, for example]
Pavel
--
161: {
-
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
