authorNeal H. Walfield <neal@pep.foundation>2019-03-14 15:10:31 +0100
committerNeal H. Walfield <neal@pep.foundation>2019-03-14 15:10:31 +0100
commita59409a81068180756657dbec08d2b54f7647d2a (patch)
treeaeac7dd3da7daaf671cd6fea04f08cacc11e5942 /openpgp/src/crypto/mod.rs
parent5fb2e5b6801e63c0814726cab2800c8369bac956 (diff)
openpgp: Don't read beyond the end of the buffer
Diffstat (limited to 'openpgp/src/crypto/mod.rs')
-rw-r--r--openpgp/src/crypto/mod.rs6
1 files changed, 4 insertions, 2 deletions
diff --git a/openpgp/src/crypto/mod.rs b/openpgp/src/crypto/mod.rs
index eb482c3a..8e56d424 100644
--- a/openpgp/src/crypto/mod.rs
+++ b/openpgp/src/crypto/mod.rs
@@ -3,7 +3,7 @@
use std::io::Read;
use std::ops::{Deref, DerefMut};
use std::fmt;
-use std::cmp::Ordering;
+use std::cmp::{min, Ordering};
use memsec;
use nettle::{self, Random, Yarrow};
@@ -214,7 +214,9 @@ fn hash_file_test() {
/// Time-constant comparison.
fn secure_cmp(a: &[u8], b: &[u8]) -> Ordering {
let ord1 = a.len().cmp(&b.len());
- let ord2 = unsafe { memsec::memcmp(a.as_ptr(), b.as_ptr(), a.len()) };
+ let ord2 = unsafe {
+ memsec::memcmp(a.as_ptr(), b.as_ptr(), min(a.len(), b.len()))
+ };
let ord2 = match ord2 {
0 => Ordering::Equal,
a if a < 0 => Ordering::Less,
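Review bot: The `unsafe` block around `memsec::memcmp` carries no `// SAFETY:` comment recording the invariant this commit establishes, so a later edit to the length argument could reintroduce the out-of-bounds read unnoticed. I would add `// SAFETY: both pointers are valid for min(a.len(), b.len()) bytes, the length passed.` directly above the call. The doc line `/// Time-constant comparison.` should also say that the comparison runs over `min(a.len(), b.len())` bytes, so only the contents are compared in constant time and the slice lengths are not hidden. The rest of `secure_cmp` (how `ord1` and `ord2` are combined) lies outside the hunk, so the final ordering for unequal lengths cannot be checked from here. A regression test with slices of different lengths, run under a memory-checking tool, would pin the fix.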