chacha20/poly1305: make sure to clear the buffer at correct position (99d97842) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit 99d97842 authored Nov 04, 2016 by

Richard Levitte Committed by Matt Caswell Nov 10, 2016

chacha20/poly1305: make sure to clear the buffer at correct position



The offset to the memory to clear was incorrect, causing a heap buffer
overflow.

CVE-2016-7054

Thanks to Robert Święcki for reporting this

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit b8e4011fb26364e44230946b87ab38cc1c719aae)

parent 53c6cbf6

Hide whitespace changes

Inline Side-by-side

Please register or to comment