Cipher:XTS: Fix ciphertext stealing pointer arithmetic for sign corre…

…ctness (#1086) When copying the ciphertext for ciphertext stealing, there is a possibility of an arithmetic operation between unsigned values becoming negative causing ASAN to report error. This change ensures that the address subtraction occurs first before the operation on the unsigned integers which will never result in negative values now. Signed-off-by: Abhijith N Raj <[email protected]>
amd · Jan 6, 2025 · d0eb62f · d0eb62f
1 parent 96f6194
commit d0eb62f
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 6 deletions.
diff --git a/lib/arch/zen3/vaes_xts.cc b/lib/arch/zen3/vaes_xts.cc
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2022-2024, Advanced Micro Devices. All rights reserved.
+ * Copyright (C) 2022-2025, Advanced Micro Devices. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are met:
@@ -357,7 +357,7 @@ EncryptXtsKernel(const Uint8* pSrc,
         utils::CopyBytes(p_tweak_8, p_lastTweak8, 16);
 
         utils::CopyBytes(p_stealed_text8 + extra_bytes_in_message_block,
-                         p_dest8 + (16 * (blocks - 1))
+                         (p_dest8 - 16)+ (16 * blocks)
                              + (extra_bytes_in_message_block),
                          (16 - extra_bytes_in_message_block));
 
@@ -369,7 +369,7 @@ EncryptXtsKernel(const Uint8* pSrc,
         AesEnc_1x256(&stealed_text, p_key128, nRounds);
         stealed_text = (tweak_1 ^ stealed_text);
 
-        utils::CopyBytes(p_dest8 + (16 * (blocks - 1)), p_stealed_text8, 16);
+        utils::CopyBytes((p_dest8 - 16) + 16 * blocks , p_stealed_text8, 16);
 
 // Swap low and high
 #ifdef AES_MULTI_UPDATE

diff --git a/lib/arch/zen4/vaes_xts.cc b/lib/arch/zen4/vaes_xts.cc
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2022-2024, Advanced Micro Devices. All rights reserved.
+ * Copyright (C) 2022-2025, Advanced Micro Devices. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are met:
@@ -385,7 +385,7 @@ EncryptXtsAvx512(const Uint8* pSrc,
 
         utils::CopyBytes(
             p_stealed_text + extra_bytes_in_message_block,
-            p_dest8 + (extra_bytes_in_message_block + (16 * (blocks - 1))),
+            (p_dest8 - 16)+ (extra_bytes_in_message_block + 16 *blocks),
             (16 - extra_bytes_in_message_block));
 
         utils::CopyBytes(p_stealed_text,
@@ -396,7 +396,7 @@ EncryptXtsAvx512(const Uint8* pSrc,
         AesEnc_1x512(&stealed_text, p_key128, nRounds);
         stealed_text = _mm512_xor_epi64(temp_tweak, stealed_text);
 
-        utils::CopyBytes(p_dest8 + (16 * (blocks - 1)), p_stealed_text, 16);
+        utils::CopyBytes((p_dest8- 16 )+ 16 * blocks , p_stealed_text, 16);
 
 // Rotate to get next tweak block
 #ifdef AES_MULTI_UPDATE