potential encryption overflow
Bug #1119999 reported by Seth Arnold
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
vde2 (Ubuntu) | Triaged | Undecided | Unassigned | |
Bug Description
data_encrypt() encrypts the data from the src buffer and places it in the dst buffer. The OpenSSL documentation is clear that the destination buffer needs to be large enough to handle (inl + cipher_block_size - 1) bytes of output; however, data_encrypt() and send_udp() do not enforce that the destination buffer is the necessary size larger than the source buffer. If this constraint is somehow enforced by coding convention, please annotate that convention at the call site and data declaration sites.
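The size check the report asks for, as an added example that is not vde2's code or part of the original report. `struct model_ctx`, `update_bound()` and `checked_update()` are hypothetical names, and the stand-in update only models how many bytes a block-cipher update emits; in real code that call would be OpenSSL's `EVP_EncryptUpdate()` with the block size taken from `EVP_CIPHER_CTX_block_size()`.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a cipher context (block_size <= 32). It copies
 * instead of encrypting and only models how many bytes an update emits. */
struct model_ctx { int block_size; int buffered; unsigned char buf[32]; };

/* Worst case for one update call, using the bound quoted in the report:
 * inl + cipher_block_size - 1. Returns -1 on bad input or int overflow. */
int update_bound(int inl, int block_size)
{
    if (inl < 0 || block_size < 1 || inl > INT_MAX - (block_size - 1))
        return -1;
    return inl + block_size - 1;
}

/* Emit every complete block of (buffered + new) bytes; keep the remainder. */
static int model_update(struct model_ctx *c, unsigned char *dst, int *outl,
                        const unsigned char *src, int inl)
{
    int total = c->buffered + inl;
    int emit = total - total % c->block_size;
    if (emit == 0) {
        memcpy(c->buf + c->buffered, src, (size_t)inl);
    } else {                          /* emit >= block_size > buffered */
        memcpy(dst, c->buf, (size_t)c->buffered);
        memcpy(dst + c->buffered, src, (size_t)(emit - c->buffered));
        memcpy(c->buf, src + (emit - c->buffered), (size_t)(total - emit));
    }
    c->buffered = total - emit;
    *outl = emit;
    return 1;
}

/* Refuse the call unless dst can hold the worst case, so the dst/src size
 * relationship is enforced in code rather than by convention. */
int checked_update(struct model_ctx *c, unsigned char *dst, size_t dst_cap,
                   int *outl, const unsigned char *src, int inl)
{
    int need = update_bound(inl, c->block_size);
    if (need < 0 || (size_t)need > dst_cap)
        return 0;
    return model_update(c, dst, outl, src, inl);
}

int main(void)
{
    struct model_ctx c = { 16, 0, {0} };
    unsigned char src[17] = {0}, dst[32];
    int outl = 0;
    checked_update(&c, dst, sizeof dst, &outl, src, 15); /* 15 bytes buffered */
    /* A dst the same size as src is rejected: 17 new bytes can emit 32. */
    printf("%d\n", checked_update(&c, dst, sizeof src, &outl, src, 17));
    return 0;
}
```

With 15 bytes already buffered in the context, a 17-byte input emits 32 bytes, which is why a destination sized equal to the source is not sufficient.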
Changed in vde2 (Ubuntu):
status: New → Triaged
information type: Private Security → Public Security
https://sourceforge.net/tracker/index.php?func=detail&aid=3603904&group_id=95403&atid=611248