On Fri, May 21, 2021 at 11:23:36AM +0800, Yiyuan guo wrote:
> In crypto/drbg.c, the function drbg_ctr_df has the following code:
>
> padlen = (inputlen + sizeof(L_N) + 1) % (drbg_blocklen(drbg));
>
> However, the function drbg_blocklen may return zero:
>
> static inline __u8 drbg_blocklen(struct drbg_state *drbg)
> {
> if (drbg && drbg->core)
> return drbg->core->blocklen_bytes;
> return 0;
> }
>
> Is it possible to trigger a divide by zero problem here?
Add Stephan to the cc as he is the author.
Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
