aesni: Fix out-of-bound read when loading 192-bit AES keys
authorTobias Brunner <tobias@strongswan.org>
Tue, 13 Sep 2022 13:16:47 +0000 (15:16 +0200)
committerTobias Brunner <tobias@strongswan.org>
Thu, 15 Sep 2022 10:16:12 +0000 (12:16 +0200)
src/libstrongswan/plugins/aesni/aesni_key.c

index a9476124a6c3409928c7d5013927574987c37bcc..c055235907e3deccfd615fe444fde17a8d4e8f06 100644 (file)
@@ -142,9 +142,11 @@ static __m128i _mm_shuffle_i01(__m128i a, __m128i b)
 static void expand192(__m128i *key, __m128i *schedule)
 {
        __m128i t1, t2, t3;
+       u_char buf[16] = {};
 
        schedule[0] = t1 = _mm_loadu_si128(key);
-       t2 = t3 = _mm_loadu_si128(key + 1);
+       memcpy(buf, key + 1, 8);
+       t2 = t3 = _mm_loadu_si128((__m128i*)buf);
 
        t2 = assist192(_mm_aeskeygenassist_si128(t2, 0x1), t2, &t1);
        schedule[1] = _mm_shuffle_i00(t3, t1);
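Review bot: The eight key bytes that `memcpy(buf, key + 1, 8);` places in `buf` are left on the stack when expand192 returns; `buf` is never wiped, and a plain `memset` before return would likely be optimized away, so the copy should go through strongSwan's `memwipe()` if the buffer is kept. The buffer can be avoided altogether: SSE2 provides `_mm_loadl_epi64`, which loads exactly 64 bits and zeroes the upper half, so `t2 = t3 = _mm_loadl_epi64(key + 1);` gives the same value as the new code without staging key material in a local. If `buf` stays, note that `u_char buf[16] = {};` is a C23/GNU empty initializer; `= {0}` is the portable C11 spelling. The body of expand192 continues past the end of this hunk.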