Skip to content

Commit

Permalink
* src/munged/cipher.c (HAVE_LIBGCRYPT:_cipher_final): Changed so
Browse files Browse the repository at this point in the history 
  memcpy() of decrypted plaintext only occurs if data exists after
  PKCS #5 block padding has been removed.
  • Loading branch information
@dun
dun committed Nov 14, 2006
1 parent 2b305fb commit a0b5fbd
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 3 deletions.
4 changes: 4 additions & 0 deletions ChangeLog
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,9 @@
2006-11-13 Chris Dunlap <[email protected]>

* src/munged/cipher.c (HAVE_LIBGCRYPT:_cipher_final): Changed so
memcpy() of decrypted plaintext only occurs if data exists after
PKCS #5 block padding has been removed.

* src/munged/cipher.c, src/munged/mac.c, src/munged/md.c:
Added log_msg()s at LOG_DEBUG to investigate infrequent "Unable to
encrypt credential" errors when using the blowfish cipher with
Expand Down
8 changes: 5 additions & 3 deletions src/munged/cipher.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -410,10 +410,12 @@ _cipher_final (cipher_ctx *x, void *dst, int *dstlen)
/* Copy decrypted plaintext to dst.
*/
n = x->blklen - pad;
if (*dstlen < n) {
return (-1);
if (n > 0) {
if (*dstlen < n) {
return (-1);
}
memcpy (dst, x->buf, n);
}
memcpy (dst, x->buf, n);
*dstlen = n;
}
return (0);
Expand Down

0 comments on commit a0b5fbd

Please sign in to comment.