Yubico / yubikey-personalization

38%

master: 39%

LAST BUILD ON BRANCH avoid_potential_stack_overwrite

branch: avoid_potential_stack_overwrite

CHANGE BRANCH

x

Reset

• avoid_potential_stack_overwrite
• clear_buf
• feb2019_sec_fixes
• fix_travis_ci
• fix_win_travis2
• fix_wrongsize
• getopt-gnuisms
• master
• msan_results
• ndef_text_utf16
• open_vid_pid
• return_fix
• scan
• spelling-error
• t-janitor
• test-codeql
• travis_osx
• update-fqdn
• usage-no-args
• v1.16.3
• v1.16.4
• v1.17.0
• v1.17.1
• v1.17.2
• v1.17.3
• v1.18.0
• v1.18.1
• v1.19.0
• v1.19.3
• v1.20.0
• validate_length

Build # 510

Build Type

Pull #142

travis-ci

Committed by web-flow

Commit Message

Tighten the salt_len check to avoid a potential stack buf overwrite further down.

If salt_len was 256:

 for (block_count = 1; block_count <= l; block_count++) {
                unsigned char block[256]; /* A big chunk, that's 2048 bits */
[ ... ]

                memcpy(block, salt, salt_len);
                block[salt_len + 0] = (block_count & 0xff000000) >> 24;
                block[salt_len + 1] = (block_count & 0x00ff0000) >> 16;
                block[salt_len + 2] = (block_count & 0x0000ff00) >>  8;
                block[salt_len + 3] = (block_count & 0x000000ff) >>  0;

        block[256] is outside the buffer and then the next lines would overwrite 3 more bytes

Pull Request Pull Request #142: Tighten the salt_len check to avoid a potential stack buf overwrite f…

Run Details

1 of 1 new or added line in 1 file covered. (100.0%)

580 of 1518 relevant lines covered (38.21%)

396.93 hits per line