author | Neal H. Walfield <neal@pep.foundation> | 2019-03-14 15:10:31 +0100 |
---|---|---|
committer | Neal H. Walfield <neal@pep.foundation> | 2019-03-14 15:10:31 +0100 |
commit | a59409a81068180756657dbec08d2b54f7647d2a (patch) | |
tree | aeac7dd3da7daaf671cd6fea04f08cacc11e5942 /openpgp | |
parent | 5fb2e5b6801e63c0814726cab2800c8369bac956 (diff) |
openpgp: Don't read beyond the end of the buffer
Diffstat (limited to 'openpgp')
-rw-r--r-- | openpgp/src/crypto/mod.rs | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/openpgp/src/crypto/mod.rs b/openpgp/src/crypto/mod.rs
index eb482c3a..8e56d424 100644
--- a/openpgp/src/crypto/mod.rs
+++ b/openpgp/src/crypto/mod.rs
@@ -3,7 +3,7 @@
 use std::io::Read;
 use std::ops::{Deref, DerefMut};
 use std::fmt;
-use std::cmp::Ordering;
+use std::cmp::{min, Ordering};
 use memsec;
 use nettle::{self, Random, Yarrow};
@@ -214,7 +214,9 @@ fn hash_file_test() {
 /// Time-constant comparison.
 fn secure_cmp(a: &[u8], b: &[u8]) -> Ordering {
 let ord1 = a.len().cmp(&b.len());
- let ord2 = unsafe { memsec::memcmp(a.as_ptr(), b.as_ptr(), a.len()) };
+ let ord2 = unsafe {
+ memsec::memcmp(a.as_ptr(), b.as_ptr(), min(a.len(), b.len()))
+ };
 let ord2 = match ord2 {
 0 => Ordering::Equal,
 a if a < 0 => Ordering::Less, |
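Review bot: The `unsafe` block in `secure_cmp` has no `// SAFETY:` comment, so the invariant this fix establishes is not recorded next to the call; I would add `// SAFETY: both pointers come from live slices and are read for at most min(a.len(), b.len()) bytes.` above `memsec::memcmp`. The `/// Time-constant comparison.` doc line could also say that the running time depends on the shorter input's length, so only the contents are protected, not the lengths. The diffstat shows four insertions in this one file, so no regression test with unequal-length inputs comes with the fix; one that passes a longer `a` and a shorter `b` would pin the bound. The body of `secure_cmp` continues past the end of the hunk, so how `ord1` and `ord2` are combined is not visible here.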