random: fix output buffer folding · tjh.dev/kernel@679ce0a

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

random: fix output buffer folding

(As reported by linux@horizon.com)

Folding is done to minimize the theoretical possibility of systematic
weakness in the particular bits of the SHA1 hash output. The result of
this bug is that 16 out of 80 bits are un-folded. Without a major new
vulnerability being found in SHA1, this is harmless, but still worth
fixing.

Signed-off-by: Matt Mackall <mpm@selenic.com>
Cc: <linux@horizon.com>
Cc: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

authored by

Matt Mackall and committed by

Linus Torvalds 19 years ago 679ce0ac 39a27902

+1 -1

1 changed file

expand all

drivers

char

random.c

+1 -1

drivers/char/random.c

··· 794 794 795 795 buf[0] ^= buf[3]; 796 796 buf[1] ^= buf[4]; 797 - buf[0] ^= rol32(buf[3], 16); 797 + buf[2] ^= rol32(buf[2], 16); 798 798 memcpy(out, buf, EXTRACT_SIZE); 799 799 memset(buf, 0, sizeof(buf)); 800 800 }

Configure Feed

Configure Feed