summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGilad Ben-Yossef <gilad@benyossef.com>2017-01-16 13:17:55 +0200
committerSteffen Klassert <steffen.klassert@secunet.com>2017-01-16 12:57:48 +0100
commitebd89a2d0675f1325c2be5b7576fd8cb7e8defd0 (patch)
tree5f9baea38a77a5970ef807e70b3e39cd617382b3
parent3819a35fdb8f82428c2b5190f195c4e0b8c427bf (diff)
downloadlinux-ebd89a2d0675f1325c2be5b7576fd8cb7e8defd0.tar.bz2
IPsec: do not ignore crypto err in ah4 input
ah4 input processing uses the asynchronous hash crypto API which supplies an error code as part of the operation completion but the error code was being ignored. Treat a crypto API error indication as a verification failure. While a crypto API reported error would almost certainly result in a memcpy of the digest failing anyway and thus the security risk seems minor, performing a memory compare on what might be uninitialized memory is wrong. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
-rw-r--r--net/ipv4/ah4.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/net/ipv4/ah4.c b/net/ipv4/ah4.c
index f2a71025a770..22377c8ff14b 100644
--- a/net/ipv4/ah4.c
+++ b/net/ipv4/ah4.c
@@ -270,6 +270,9 @@ static void ah_input_done(struct crypto_async_request *base, int err)
int ihl = ip_hdrlen(skb);
int ah_hlen = (ah->hdrlen + 2) << 2;
+ if (err)
+ goto out;
+
work_iph = AH_SKB_CB(skb)->tmp;
auth_data = ah_tmp_auth(work_iph, ihl);
icv = ah_tmp_icv(ahp->ahash, auth_data, ahp->icv_trunc_len);