monero-project
/
monero
mirror of https://github.com/monero-project/monero
7
0
Fork 2
Code Issues Releases Wiki Activity

keccak: error out if passed mdlen 100

Browse Source 
If we were to call it with 100, it would cause rsiz to be 0,
leading to an infinite loop.
This is really a pedantic patch, but since there's already a
range test, might as well make it better.
pull/8428/head
moneromooo-monero 2 years ago
parent 8f48f46495
commit 7a31d25b67
No known key found for this signature in database
GPG Key ID: 686F07454D6CEFC3
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
src/crypto/keccak.c
Unescape View File

@ -123,7 +123,7 @@ void keccak(const uint8_t *in, size_t inlen, uint8_t *md, int mdlen)
size_t i, rsiz, rsizw;
static_assert(HASH_DATA_AREA <= sizeof(temp), "Bad keccak preconditions");
if (mdlen <= 0 || (mdlen > 100 && sizeof(st) != (size_t)mdlen))
if (mdlen <= 0 || (mdlen >= 100 && sizeof(st) != (size_t)mdlen))
{
local_abort("Bad keccak use");
}

Write Preview
Loading…
Cancel
Save