summaryrefslogtreecommitdiffstats
path: root/crypto/ahash.c
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2009-07-14 15:35:36 +0200
committerHerbert Xu <herbert@gondor.apana.org.au>2009-07-14 15:35:36 +0200
commit8c32c516eb1c1f9c14d25478442137c698788975 (patch)
treeba238ddbff551ac6c445e90ad9698a5aba55876a /crypto/ahash.c
parentcrypto: ahash - Remove old_ahash_alg (diff)
downloadlinux-8c32c516eb1c1f9c14d25478442137c698788975.tar.xz
linux-8c32c516eb1c1f9c14d25478442137c698788975.zip
crypto: hash - Zap unaligned buffers
Some unaligned buffers on the stack weren't zapped properly which may cause secret data to be leaked. This patch fixes them by doing a zero memset. It is also possible for us to place random kernel stack contents in the digest buffer if a digest operation fails. This is fixed by only copying if the operation succeeded. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/ahash.c')
-rw-r--r--crypto/ahash.c3
1 files changed, 1 insertions, 2 deletions
diff --git a/crypto/ahash.c b/crypto/ahash.c
index cc824ef25830..1576f95f9afe 100644
--- a/crypto/ahash.c
+++ b/crypto/ahash.c
@@ -152,8 +152,7 @@ static int ahash_setkey_unaligned(struct crypto_ahash *tfm, const u8 *key,
alignbuffer = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1);
memcpy(alignbuffer, key, keylen);
ret = ahash->setkey(tfm, alignbuffer, keylen);
- memset(alignbuffer, 0, keylen);
- kfree(buffer);
+ kzfree(buffer);
return ret;
}