From fffec0d63e08dc57688b78b0c6bf98db252a1aa8 Mon Sep 17 00:00:00 2001
From: Mathew Heard
Date: Mon, 12 Jul 2021 12:53:45 +1000
Subject: [PATCH] Fix overrun in prf() if hmac size not divisible into key size

Not seen only due to chacha having a 64byte key and a 64byte HMAC (SHA512) being used
---
 src/openssl/prf.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/openssl/prf.c b/src/openssl/prf.c
index 37af2ef5..f1f3d172 100644
--- a/src/openssl/prf.c
+++ b/src/openssl/prf.c
@@ -67,11 +67,13 @@ static bool prf_xor(int nid, const char *secret, size_t secretlen, char *seed, s
 }
 /* XOR the results of the outer HMAC into the out buffer */
- for(size_t i = 0; i < len && i < outlen; i++) {
+ size_t i;
+
+ for(i = 0; i < len && i < outlen; i++) {
 *out++ ^= hash[i];
 }
- outlen -= len;
+ outlen -= i;
 }
 digest_close(digest);
-- 
2.20.1
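Review bot: The new `outlen -= i;` carries the whole fix, but nothing at that line says why `i` is used instead of `len`, so a later tidy-up could restore the old form. I would add a comment above it such as `/* Subtract the bytes actually written: outlen is a size_t, so subtracting len on a short final block would wrap around instead of reaching 0. */`. Computing the bound once before the loop, e.g. `size_t n = len < outlen ? len : outlen;`, then looping to `n` and subtracting `n`, would also make the partial-block case explicit and keep `i` scoped to the loop. The diffstat shows only prf.c changed, and the commit message says the bug was masked by a 64-byte key with a 64-byte HMAC, so a regression test that requests an output length that is not a multiple of the digest length would be worth adding. The enclosing loop and the declarations of `hash` and `out` are outside this hunk, so how the loop terminates is inferred from the commit title rather than read from the visible lines.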