nmap/nse_openssl.cc at c9e759fe0bf0d32d4e0ee4677fc3f6e1e39bbd93

mirror of https://github.com/nmap/nmap.git synced 2026-01-03 05:09:14 +00:00

Files

david 181bb7ca93 Check the key and iv length before giving them to OpenSSL in l_encrypt

and l_decrypt. Otherwise, OpenSSL reads unallocated memory:

openssl.encrypt("DES", "key", "iv", "datadatadatadata")

==5691== Invalid read of size 1
==5691==    at 0x412F07D: DES_set_key_unchecked (in /usr/lib/libcrypto.so.0.9.8)
==5691==  Address 0x4bcc415 is 2 bytes after a block of size 19 alloc'd
==5691==    at 0x402598A: malloc (vg_replace_malloc.c:195)
==5691==    by 0x4025A16: realloc (vg_replace_malloc.c:476)
==5691==    by 0x80ED502: luaM_realloc_ (in /home/david/nmap/nmap)
==5691==    by 0x80F134B: luaS_newlstr (in /home/david/nmap/nmap)
==5691==    by 0x80F85FA: luaX_newstring (in /home/david/nmap/nmap)
==5691==    by 0x80F8FF6: llex (in /home/david/nmap/nmap)
==5691==    by 0x80F9861: luaX_next (in /home/david/nmap/nmap)
==5691==    by 0x80EDCAF: testnext (in /home/david/nmap/nmap)
==5691==    by 0x80EF718: explist1 (in /home/david/nmap/nmap)
==5691==    by 0x80EF7C0: funcargs (in /home/david/nmap/nmap)
==5691==    by 0x80EFA1C: primaryexp (in /home/david/nmap/nmap)
==5691==    by 0x80EEE16: subexpr (in /home/david/nmap/nmap)

2010-03-15 22:49:09 +00:00

18 KiB

Raw Blame History

View Raw

18 KiB Raw Blame History

18 KiB

Raw Blame History