Changeset ccfa7d1


Ignore:
Timestamp:
Mar 1, 2010, 8:33:48 PM (10 years ago)
Author:
Nelson Elhage <nelhage@mit.edu>
Branches:
release-1.5
Children:
212d8b7
Parents:
19b2766
git-author:
Anders Kaseorg <andersk@mit.edu> (02/08/10 22:35:46)
git-committer:
Nelson Elhage <nelhage@mit.edu> (03/01/10 20:33:48)
Message:
zcrypt: Don’t read off the end of misaligned input messages.

This fixes an input buffer overflow noticed by asedeno and andersk.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Reviewed-by: Nelson Elhage <nelhage@mit.edu>
File:
1 edited

Legend:

Unmodified
Added
Removed
  • zcrypt.c

    rc4b5de8 rccfa7d1  
    113113
    114114  inptr=in;
    115   endptr=in+strlen(in)-1;
    116   while (inptr<endptr) {
     115  endptr = in + strlen(in);
     116  while (inptr + 16 <= endptr) {
    117117    for (i=0; i<8; i++) {
    118118      c1=(inptr[0])-BASE_CODE;
Note: See TracChangeset for help on using the changeset viewer.