diff options
author | Ondrej Kos <okos@redhat.com> | 2012-09-07 10:47:03 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2012-09-07 14:06:52 +0200 |
commit | 73505920a70e33977e84c69b4c3c598f683b7526 (patch) | |
tree | 99ccc3eb502b9fb6ecc7faa05e5dac73ebd747be /src/util | |
parent | 38c17ce78d1336c04f26595467722da6b2a67512 (diff) | |
download | sssd-73505920a70e33977e84c69b4c3c598f683b7526.tar.gz sssd-73505920a70e33977e84c69b4c3c598f683b7526.tar.bz2 sssd-73505920a70e33977e84c69b4c3c598f683b7526.zip |
Out-of-bounds read fix in hmac-sha-1
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/crypto/nss/nss_hmac_sha1.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/util/crypto/nss/nss_hmac_sha1.c b/src/util/crypto/nss/nss_hmac_sha1.c index 6faa09ae..7074fe76 100644 --- a/src/util/crypto/nss/nss_hmac_sha1.c +++ b/src/util/crypto/nss/nss_hmac_sha1.c @@ -63,7 +63,9 @@ int sss_hmac_sha1(const unsigned char *key, } else { /* keys shorter than blocksize are zero-padded */ memcpy(ikey, key, key_len); - memset(ikey + key_len, 0, HMAC_SHA1_BLOCKSIZE - key_len); + if (key_len != HMAC_SHA1_BLOCKSIZE) { + memset(ikey + key_len, 0, HMAC_SHA1_BLOCKSIZE - key_len); + } } /* HMAC(key, msg) = HASH(key XOR opad, HASH(key XOR ipad, msg)) */ |