patch 8.2.3247: using uninitialized memory when checking for crypt methodv8.2.3247

Problem: Using uninitialized memory when checking for crypt method. Solution: Check the header length before using the salt and seed.
author: Bram Moolenaar <Bram@vim.org> 2021-07-29 21:23:50 +0200
committer: Bram Moolenaar <Bram@vim.org> 2021-07-29 21:23:50 +0200
commit: 77ab4e28a26a92628bc85cd580c1bfa2b6230be6 (patch)
tree: 95d45450d048d217dad80a4e1d1e2406dae6dc63 /src/fileio.c
parent: 77111e2bfc7316eb6b1e653386cef6441af806f8 (diff)
1 files changed, 6 insertions, 5 deletions
diff --git a/src/fileio.c b/src/fileio.c
index 81a7b50915..eb46f1fd86 100644
--- a/src/fileio.c
+++ b/src/fileio.c
@@ -2917,15 +2917,16 @@ check_for_cryptkey(
 	{
 	    int header_len;
 
-	    curbuf->b_cryptstate = crypt_create_from_header(
-						       method, cryptkey, ptr);
-	    crypt_set_cm_option(curbuf, method);
-
-	    // Remove cryptmethod specific header from the text.
 	    header_len = crypt_get_header_len(method);
 	    if (*sizep <= header_len)
 		// invalid header, buffer can't be encrypted
 		return NULL;
+
+	    curbuf->b_cryptstate = crypt_create_from_header(
+							method, cryptkey, ptr);
+	    crypt_set_cm_option(curbuf, method);
+
+	    // Remove cryptmethod specific header from the text.
 	    *filesizep += header_len;
 	    *sizep -= header_len;
 	    mch_memmove(ptr, ptr + header_len, (size_t)*sizep);
author	Bram Moolenaar <Bram@vim.org>	2021-07-29 21:23:50 +0200
committer	Bram Moolenaar <Bram@vim.org>	2021-07-29 21:23:50 +0200
commit	77ab4e28a26a92628bc85cd580c1bfa2b6230be6 (patch)
tree	95d45450d048d217dad80a4e1d1e2406dae6dc63 /src/fileio.c
parent	77111e2bfc7316eb6b1e653386cef6441af806f8 (diff)