crypto: cbc - Ensure statesize is zero

The cbc template should not be applied on stream ciphers, especially ones that have internal state. Enforce this by checking the state size when the instance is created. Reported-by: [email protected] Fixes: 47309ea ("crypto: arc4 - Add internal state") Signed-off-by: Herbert Xu <[email protected]>
noroot · Feb 2, 2024 · 69fba37 · 69fba37
1 parent ccb88e9
commit 69fba37
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/crypto/cbc.c b/crypto/cbc.c
@@ -148,6 +148,9 @@ static int crypto_cbc_create(struct crypto_template *tmpl, struct rtattr **tb)
 	if (!is_power_of_2(inst->alg.co.base.cra_blocksize))
 		goto out_free_inst;
 
+	if (inst->alg.co.statesize)
+		goto out_free_inst;
+
 	inst->alg.encrypt = crypto_cbc_encrypt;
 	inst->alg.decrypt = crypto_cbc_decrypt;