JehanneOS/jehanne
JehanneOS
/
jehanne
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

libsec: fix des56to64 access to key array 

CID 155910 (#1 of 1): Out-of-bounds access (OVERRUN)1.

overrun-buffer-val: Overrunning buffer pointed to by key of 7 bytes by passing it to a function which accesses it at byte offset 63.
This commit is contained in:
Giacomo Tesio 2017-01-17 00:01:08 +01:00
parent e2b5953d99
commit 41a9489dd4
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sys/src/lib/sec/port/des.c
View File

@ -435,8 +435,8 @@ des56to64(uint8_t *k56, uint8_t *k64)
{
uint32_t hi, lo;
hi = ((uint32_t)k56[0]<<24)|((uint32_t)k56[1]<<16)|((uint32_t)k56[2]<<8)|k56[3];
lo = ((uint32_t)k56[4]<<24)|((uint32_t)k56[5]<<16)|((uint32_t)k56[6]<<8);
hi = (k56[0]<<24)|(k56[1]<<16)|(k56[2]<<8)|k56[3];
lo = (k56[4]<<24)|(k56[5]<<16)|(k56[6]<<8);
k64[0] = parity[(hi>>25)&0x7f];
k64[1] = parity[(hi>>18)&0x7f];