mark a heap overflow error

2024-01-11 09:44:21 +08:00 · 2024-01-11 09:44:21 +08:00 · 3a2c05dd77
commit 3a2c05dd77
parent d2386f84b3
1 changed files with 2 additions and 0 deletions
--- a/ChaCha20_DRBG.c
+++ b/ChaCha20_DRBG.c
@ -504,6 +504,8 @@ void ChaCha20_DRBG_Instantiate_algorithm(uint8_t *entropy_input, int nonce,
  uint8_t *requested_bits;
  time_t timep;

+  // 此处memcpy存在堆溢出,
+  // 有个96字节的写入，错误是在一个66字节区域的正右方进行的写操作
  memcpy(seed_material, entropy_input, entropy_input_len);
  memcpy(seed_material + entropy_input_len, &nonce, sizeof(nonce));
  memcpy(seed_material + entropy_input_len + sizeof(nonce),