Skip to content
This repository has been archived by the owner on Oct 28, 2021. It is now read-only.

heap-overflow in cryptopp_aes128_cbc #5474

Open
etam opened this issue Feb 8, 2019 · 1 comment
Open

heap-overflow in cryptopp_aes128_cbc #5474

etam opened this issue Feb 8, 2019 · 1 comment
Labels
bug

Comments

@etam
Copy link

etam commented Feb 8, 2019

cryptopp_aes128_cbc test is failing for me with "free(): invalid pointer" and valgrind reports "Invalid write of size 8" at CryptoPP::CBC_Decryption::ProcessData.

This commit ff6f963 was supposed to fix the issue, but I think it didn't change anything.

cipher.size() == 32 and string192.size() == 24 therefore decrypting cipher to string192 must overflow.
@chfast
Copy link
Member

chfast commented Feb 8, 2019

Confirmed in #5480.

I believe it was assumed that decryption will handle the padding.

@chfast chfast added the bug label Feb 8, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@etam @chfast