| From 602b6aeefe8932dd8bb15014e8fe6bb25d736361 Mon Sep 17 00:00:00 2001 |
| From: Matt Mackall <mpm@selenic.com> |
| Date: Tue, 29 May 2007 21:54:27 -0500 |
| Subject: random: fix error in entropy extraction (CVE-2007-2453 1 of 2) |
| |
| Fix cast error in entropy extraction. |
| Add comments explaining the magic 16. |
| Remove extra confusing loop variable. |
| |
| Signed-off-by: Matt Mackall <mpm@selenic.com> |
| Acked-by: "Theodore Ts'o" <tytso@mit.edu> |
| Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
| Signed-off-by: Chris Wright <chrisw@sous-sol.org> |
| --- |
| drivers/char/random.c | 12 +++++++----- |
| 1 file changed, 7 insertions(+), 5 deletions(-) |
| |
| --- linux-2.6.21.3.orig/drivers/char/random.c |
| +++ linux-2.6.21.3/drivers/char/random.c |
| @@ -760,7 +760,7 @@ static size_t account(struct entropy_sto |
| |
| static void extract_buf(struct entropy_store *r, __u8 *out) |
| { |
| - int i, x; |
| + int i; |
| __u32 data[16], buf[5 + SHA_WORKSPACE_WORDS]; |
| |
| sha_init(buf); |
| @@ -772,9 +772,11 @@ static void extract_buf(struct entropy_s |
| * attempts to find previous ouputs), unless the hash |
| * function can be inverted. |
| */ |
| - for (i = 0, x = 0; i < r->poolinfo->poolwords; i += 16, x+=2) { |
| - sha_transform(buf, (__u8 *)r->pool+i, buf + 5); |
| - add_entropy_words(r, &buf[x % 5], 1); |
| + for (i = 0; i < r->poolinfo->poolwords; i += 16) { |
| + /* hash blocks of 16 words = 512 bits */ |
| + sha_transform(buf, (__u8 *)(r->pool + i), buf + 5); |
| + /* feed back portion of the resulting hash */ |
| + add_entropy_words(r, &buf[i % 5], 1); |
| } |
| |
| /* |
| @@ -782,7 +784,7 @@ static void extract_buf(struct entropy_s |
| * portion of the pool while mixing, and hash one |
| * final time. |
| */ |
| - __add_entropy_words(r, &buf[x % 5], 1, data); |
| + __add_entropy_words(r, &buf[i % 5], 1, data); |
| sha_transform(buf, (__u8 *)data, buf + 5); |
| |
| /* |
