Hello List,
I'm trying to write some Haskell bindings for libgcrypt. I tripped over a
bug in the eme_pkcs_v1_5_encode function.
Even though you shouldn't, the library segfaults when using a key size of
less than 11 bytes in length.
Note the conditional below. By changing the if to "if (k < 11 || m_n > k -
11)", the function properly responds with GPG_ERR_TOO_SHORT rather than
segfaulting.
2239 /* Figure out key length in bytes. */
2240 k = options->key_size / 8;
2241
2242 if (m_n > k - 11)
2243 {
2244 /* Key is too short for message. */
2245 err = gcry_error (GPG_ERR_TOO_SHORT);
2246 goto out;
2247 }
Now, I may have just done something silly in my example program which would
cause this not to happen, but this seems like a good check to add.
Also, this is my first post. I'm sorry if I've broken list some etiquette.
My example program is posted here: http://gist.github.com/247935
Thanks for your time.
/jve
I'm trying to write some Haskell bindings for libgcrypt. I tripped over a
bug in the eme_pkcs_v1_5_encode function.
Even though you shouldn't, the library segfaults when using a key size of
less than 11 bytes in length.
Note the conditional below. By changing the if to "if (k < 11 || m_n > k -
11)", the function properly responds with GPG_ERR_TOO_SHORT rather than
segfaulting.
2239 /* Figure out key length in bytes. */
2240 k = options->key_size / 8;
2241
2242 if (m_n > k - 11)
2243 {
2244 /* Key is too short for message. */
2245 err = gcry_error (GPG_ERR_TOO_SHORT);
2246 goto out;
2247 }
Now, I may have just done something silly in my example program which would
cause this not to happen, but this seems like a good check to add.
Also, this is my first post. I'm sorry if I've broken list some etiquette.
My example program is posted here: http://gist.github.com/247935
Thanks for your time.
/jve