Commit a81ae809 authored by Ondrej Mosnáček's avatar Ondrej Mosnáček Committed by Herbert Xu

crypto: morus640 - Fix out-of-bounds access

We must load the block from the temporary variable here, not directly
from the input.

Also add forgotten zeroing-out of the uninitialized part of the
temporary block (as is done correctly in morus1280.c).

Fixes: 396be41f ("crypto: morus - Add generic MORUS AEAD implementations")
Signed-off-by: default avatarOndrej Mosnacek <>
Signed-off-by: default avatarHerbert Xu <>
parent f044a84e
......@@ -274,8 +274,9 @@ static void crypto_morus640_decrypt_chunk(struct morus640_state *state, u8 *dst,
union morus640_block_in tail;
memcpy(tail.bytes, src, size);
memset(tail.bytes + size, 0, MORUS640_BLOCK_SIZE - size);
crypto_morus640_load_a(&m, src);
crypto_morus640_load_a(&m, tail.bytes);
crypto_morus640_core(state, &m);
crypto_morus640_store_a(tail.bytes, &m);
memset(tail.bytes + size, 0, MORUS640_BLOCK_SIZE - size);
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment