diff options
| author | Riccardo Spagni <ric@spagni.net> | 2018-02-16 14:26:58 +0100 |
|---|---|---|
| committer | Riccardo Spagni <ric@spagni.net> | 2018-02-16 14:26:58 +0100 |
| commit | f4a6bc79d9a751480597aa007a1c6d315604f856 (patch) | |
| tree | 6cd77005a74333cef7d9b0d62e311177417c2d0a /src/crypto/keccak.c | |
| parent | Merge pull request #3252 (diff) | |
| parent | keccak: fix mdlen bounds sanity checking (diff) | |
| download | monero-f4a6bc79d9a751480597aa007a1c6d315604f856.tar.xz | |
Merge pull request #3226
e4646379 keccak: fix mdlen bounds sanity checking (moneromooo-monero)
2e3e90ac pass large parameters by const ref, not value (moneromooo-monero)
61defd89 blockchain: sanity check number of precomputed hash of hash blocks (moneromooo-monero)
9af6b2d1 ringct: fix infinite loop in unused h2b function (moneromooo-monero)
8cea8d0c simplewallet: double check a new multisig wallet is multisig (moneromooo-monero)
9b98a6ac threadpool: catch exceptions in dtor, to avoid terminate (moneromooo-monero)
24803ed9 blockchain_export: fix buffer overflow in exporter (moneromooo-monero)
f3f7da62 perf_timer: rewrite to make it clear there is no division by zero (moneromooo-monero)
c6ea3df0 performance_tests: remove add_arg call stray extra param (moneromooo-monero)
fa6b4566 fuzz_tests: fix an uninitialized var in setup (moneromooo-monero)
03887f11 keccak: fix sanity check bounds test (moneromooo-monero)
ad11db91 blockchain_db: initialize m_open in base class ctor (moneromooo-monero)
bece67f9 miner: restore std::cout precision after modification (moneromooo-monero)
1aabd14c db_lmdb: check hard fork info drop succeeded (moneromooo-monero)
Diffstat (limited to 'src/crypto/keccak.c')
| -rw-r--r-- | src/crypto/keccak.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/crypto/keccak.c b/src/crypto/keccak.c index 528a5406b..de8e2a5b3 100644 --- a/src/crypto/keccak.c +++ b/src/crypto/keccak.c @@ -92,7 +92,8 @@ void keccak(const uint8_t *in, size_t inlen, uint8_t *md, int mdlen) uint8_t temp[144]; size_t i, rsiz, rsizw; - if (mdlen <= 0 || mdlen > 200 || sizeof(st) != 200) + static_assert(HASH_DATA_AREA <= sizeof(temp), "Bad keccak preconditions"); + if (mdlen <= 0 || (mdlen > 100 && sizeof(st) != (size_t)mdlen)) { local_abort("Bad keccak use"); } @@ -109,7 +110,7 @@ void keccak(const uint8_t *in, size_t inlen, uint8_t *md, int mdlen) } // last block and padding - if (inlen >= sizeof(temp) || inlen > rsiz || rsiz - inlen + inlen + 1 >= sizeof(temp) || rsiz == 0 || rsiz - 1 >= sizeof(temp) || rsizw * 8 > sizeof(temp)) + if (inlen + 1 >= sizeof(temp) || inlen > rsiz || rsiz - inlen + inlen + 1 >= sizeof(temp) || rsiz == 0 || rsiz - 1 >= sizeof(temp) || rsizw * 8 > sizeof(temp)) { local_abort("Bad keccak use"); } |