Re: authenc: crash if key is not set

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Feb 24, 2017 at 09:24:34PM +0100, Stephan Müller wrote:
> Hi Herbert,
> 
> I am working on fuzzing the AF_ALG interface.
> 
> The fuzzer reliably triggered the following type of bug when I use 
> authenc(hmac(sha256),cbc(aes)) or other types of authenc() but do not call 
> setkey.
> 
> Note, it works with gcm or ccm.
> 
> Is that bug similar in nature as the algif_skcipher and algif_hash bugs that 
> were fixed with the *nokey functions?

Yes we need to add the same thing to AEAD.

Thanks,
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux