If src == dst, ctr16 code will fail to increment src and dst pointers, always overwriting first block.
Signed-off-by: Dmitry Eremin-Solenikov dbaryshkov@gmail.com --- ctr16.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ctr16.c b/ctr16.c index 60418e8b9032..7e1c23d20832 100644 --- a/ctr16.c +++ b/ctr16.c @@ -91,7 +91,7 @@ _ctr_crypt16(const void *ctx, nettle_cipher_func *f, f(ctx, CTR_BUFFER_LIMIT, buffer->b, buffer->b); if (length - i < CTR_BUFFER_LIMIT) goto done; - memxor3 (dst, src, buffer->b, CTR_BUFFER_LIMIT); + memxor3 (dst + i, src + i, buffer->b, CTR_BUFFER_LIMIT); }
if (blocks > 0)
Niels,
This is an important bugfix. Current code will just silently skip higher blocks. Do you want a demonstration/testcase from me? чт, 20 сент. 2018 г. в 14:32, Dmitry Eremin-Solenikov dbaryshkov@gmail.com:
If src == dst, ctr16 code will fail to increment src and dst pointers, always overwriting first block.
Signed-off-by: Dmitry Eremin-Solenikov dbaryshkov@gmail.com
ctr16.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ctr16.c b/ctr16.c index 60418e8b9032..7e1c23d20832 100644 --- a/ctr16.c +++ b/ctr16.c @@ -91,7 +91,7 @@ _ctr_crypt16(const void *ctx, nettle_cipher_func *f, f(ctx, CTR_BUFFER_LIMIT, buffer->b, buffer->b); if (length - i < CTR_BUFFER_LIMIT) goto done;
memxor3 (dst, src, buffer->b, CTR_BUFFER_LIMIT);
memxor3 (dst + i, src + i, buffer->b, CTR_BUFFER_LIMIT); } if (blocks > 0)-- 2.18.0
Dmitry Eremin-Solenikov dbaryshkov@gmail.com writes:
This is an important bugfix. Current code will just silently skip higher blocks. Do you want a demonstration/testcase from me?
A patch to extend the testsuite is highly appreciated. I agree it's a severe bug, thanks for reporting.
Regards, /Niels
Dmitry Eremin-Solenikov dbaryshkov@gmail.com writes:
If src == dst, ctr16 code will fail to increment src and dst pointers, always overwriting first block.
Signed-off-by: Dmitry Eremin-Solenikov dbaryshkov@gmail.com
ctr16.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ctr16.c b/ctr16.c index 60418e8b9032..7e1c23d20832 100644 --- a/ctr16.c +++ b/ctr16.c @@ -91,7 +91,7 @@ _ctr_crypt16(const void *ctx, nettle_cipher_func *f, f(ctx, CTR_BUFFER_LIMIT, buffer->b, buffer->b); if (length - i < CTR_BUFFER_LIMIT) goto done;
memxor3 (dst, src, buffer->b, CTR_BUFFER_LIMIT);
memxor3 (dst + i, src + i, buffer->b, CTR_BUFFER_LIMIT);}
if (blocks > 0)
Applied, thanks!
If I understand this correctly, bug is triggered only when processing >= 1024 bytes (2 * CTR_BUFFER_LIMIT) at a time. If you would like to write a test case, that's appreciated.
Regards, /Niels
ср, 10 окт. 2018 г. в 20:29, Niels Möller nisse@lysator.liu.se:
Dmitry Eremin-Solenikov dbaryshkov@gmail.com writes:
If src == dst, ctr16 code will fail to increment src and dst pointers, always overwriting first block.
Signed-off-by: Dmitry Eremin-Solenikov dbaryshkov@gmail.com
ctr16.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ctr16.c b/ctr16.c index 60418e8b9032..7e1c23d20832 100644 --- a/ctr16.c +++ b/ctr16.c @@ -91,7 +91,7 @@ _ctr_crypt16(const void *ctx, nettle_cipher_func *f, f(ctx, CTR_BUFFER_LIMIT, buffer->b, buffer->b); if (length - i < CTR_BUFFER_LIMIT) goto done;
memxor3 (dst, src, buffer->b, CTR_BUFFER_LIMIT);
memxor3 (dst + i, src + i, buffer->b, CTR_BUFFER_LIMIT); } if (blocks > 0)Applied, thanks!
Thank you!
If I understand this correctly, bug is triggered only when processing >= 1024 bytes (2 * CTR_BUFFER_LIMIT) at a time.
Yes.
If you would like to write a test case, that's appreciated.
I will try to, though I'm busy with other tasks.
nettle-bugs@lists.lysator.liu.se
-
Dmitry Eremin-Solenikov -
nisse@lysator.liu.se