From 3ac34ca375732df26871faba9ff6a4b79571a4c2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Attila=20F=C3=BCl=C3=B6p?=
Date: Fri, 6 Dec 2019 18:36:19 +0100
Subject: [PATCH] ICP: Fix out of bounds write
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

If gcm_mode_encrypt_contiguous_blocks() is called more than once in
succession, with the accumulated lengths being less than blocksize,
ctx->copy_to will be incorrectly advanced. Later, if out is NULL, the
bcopy at line 114 will overflow ctx->gcm_copy_to since
ctx->gcm_remainder_len is larger than the ctx->gcm_copy_to buffer can
hold.

The fix is to set ctx->copy_to only if it's not already set.

For ZoL the issue may be academic, since in all my testing I wasn't
able to hit either of the two conditions needed to trigger it, but
other consumers can easily do so.

Reviewed-by: Brian Behlendorf
Reviewed-by: Tom Caputi
Signed-off-by: Attila Fülöp
Closes #9660
---
 module/icp/algs/modes/gcm.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/module/icp/algs/modes/gcm.c b/module/icp/algs/modes/gcm.c
index 339ffb86f1..71ea16d247 100644
--- a/module/icp/algs/modes/gcm.c
+++ b/module/icp/algs/modes/gcm.c
@@ -67,7 +67,9 @@ gcm_mode_encrypt_contiguous_blocks(gcm_ctx_t *ctx, char *data, size_t length, (uint8_t *)ctx->gcm_remainder + ctx->gcm_remainder_len, length); ctx->gcm_remainder_len += length; - ctx->gcm_copy_to = datap; + if (ctx->gcm_copy_to == NULL) { + ctx->gcm_copy_to = datap; + } return (CRYPTO_SUCCESS); }
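Review bot: the guard `if (ctx->gcm_copy_to == NULL)` is only correct if every path that drains `ctx->gcm_remainder` (once `gcm_remainder_len` reaches a full block) also resets `ctx->gcm_copy_to` to NULL; that reset is not in this hunk, so please confirm it exists in the block-processing path, otherwise a later short call would keep a stale pointer into an earlier caller's buffer and the same out-of-bounds bcopy described in the commit message would still be reachable. A one-line comment above the new `if` stating the invariant (gcm_copy_to points at the start of the partial block currently held in gcm_remainder, and is cleared when that block is flushed) would make the intent clear to the next reader, since the unconditional `ctx->gcm_copy_to = datap;` being removed looks reasonable in isolation. Minor: the commit message refers to "line 114", which will drift as the file changes; naming the bcopy by its enclosing function would be more durable.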