From 5561123a8a3a55328174164901ef66f7a5ec2130 Mon Sep 17 00:00:00 2001 From: Matt Mackall Date: Sun, 7 Oct 2007 00:19:10 +0200 Subject: [PATCH] random: fix error in entropy extraction (CVE-2007-2453 1 of 2) Fix cast error in entropy extraction. Add comments explaining the magic 16. Remove extra confusing loop variable. Signed-off-by: Matt Mackall Acked-by: Theodore Ts'o Signed-off-by: Adrian Bunk --- drivers/char/random.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/drivers/char/random.c b/drivers/char/random.c index 86be04b241e1..e237237b3c4a 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -758,7 +758,7 @@ static size_t account(struct entropy_store *r, size_t nbytes, int min, static void extract_buf(struct entropy_store *r, __u8 *out) { - int i, x; + int i; __u32 data[16], buf[5 + SHA_WORKSPACE_WORDS]; sha_init(buf); @@ -770,9 +770,11 @@ static void extract_buf(struct entropy_store *r, __u8 *out) * attempts to find previous ouputs), unless the hash * function can be inverted. */ - for (i = 0, x = 0; i < r->poolinfo->poolwords; i += 16, x+=2) { - sha_transform(buf, (__u8 *)r->pool+i, buf + 5); - add_entropy_words(r, &buf[x % 5], 1); + for (i = 0; i < r->poolinfo->poolwords; i += 16) { + /* hash blocks of 16 words = 512 bits */ + sha_transform(buf, (__u8 *)(r->pool + i), buf + 5); + /* feed back portion of the resulting hash */ + add_entropy_words(r, &buf[i % 5], 1); } /* @@ -780,7 +782,7 @@ static void extract_buf(struct entropy_store *r, __u8 *out) * portion of the pool while mixing, and hash one * final time. */ - __add_entropy_words(r, &buf[x % 5], 1, data); + __add_entropy_words(r, &buf[i % 5], 1, data); sha_transform(buf, (__u8 *)data, buf + 5); /* -- 2.39.5