Hello, I have been using the Integer class for some big number operations and seem to have found a buffer overflow in at least the Integer::And routine. I have not yet inspected any more.
Extract from integer.cpp:

    // This is a bit operation. We set sign to POSITIVE, so there's no need to
    // worry about negative zero. Also see http://stackoverflow.com/q/11644362.
    Integer Integer::And(const Integer& t) const
    {
        if (this == &t)
        {
            return AbsoluteValue();
        }
        else if (reg.size() >= t.reg.size())
        {
            Integer result(t);
            AndWords(result.reg, reg, t.reg.size());

            result.sign = POSITIVE;
            return result;
        }
        else // reg.size() < t.reg.size()
        {
            Integer result(*this);
            AndWords(result.reg, t.reg, reg.size());

            result.sign = POSITIVE;
            return result;
        }
    }

The issue is caused in the temporary result variable. When result copies t or this in its constructor, it calculates the minimum size required to fit the current number in t or this. If the top order bits of t or this have gone zero, it will allocate fewer bytes than the size of t or this. However, the following AndWords routine performs a copy using the size of the original number, either t or this.

Changing the value to result.reg.size() appears to fix the issue, at least for my use case.

Best Regards,
Tony.
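A small model of the size mismatch described in the post above, added here as an illustration; it is not Crypto++ code and does not come from the original poster. `Words`, `copyTrimmed`, `andWordsChecked`, `andModel` and `overruns` are hypothetical names, and the trimming copy is an assumption taken from the post's description of the copy constructor.

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>

using Words = std::vector<std::uint32_t>;  // little-endian words; toy stand-in for Integer::reg

// Models the copy behaviour described in the post (an assumption): the copy is
// sized to the words actually in use, so zero words at the top of src are dropped.
Words copyTrimmed(const Words& src) {
    std::size_t used = src.size();
    while (used > 1 && src[used - 1] == 0) --used;
    return Words(src.begin(), src.begin() + used);
}

// r[i] &= a[i] for i < n. A count larger than either buffer is rejected here,
// where a raw pointer loop would read or write past the end.
void andWordsChecked(Words& r, const Words& a, std::size_t n) {
    if (n > r.size() || n > a.size())
        throw std::out_of_range("word count exceeds buffer");
    for (std::size_t i = 0; i < n; ++i) r[i] &= a[i];
}

// useResultSize=false: count taken from the operand that was copied (as in the extract).
// useResultSize=true:  count taken from the copy itself (the change proposed in the post).
Words andModel(const Words& a, const Words& b, bool useResultSize) {
    const Words& small = (a.size() >= b.size()) ? b : a;
    const Words& large = (a.size() >= b.size()) ? a : b;
    Words result = copyTrimmed(small);
    andWordsChecked(result, large, useResultSize ? result.size() : small.size());
    return result;
}

// True when the chosen count would run past the end of the result buffer.
bool overruns(const Words& a, const Words& b, bool useResultSize) {
    try { andModel(a, b, useResultSize); return false; }
    catch (const std::out_of_range&) { return true; }
}

int main() {
    // Constructed operands: b's top word is zero, so its copy is one word shorter.
    const Words a = {0xFFFFFFFFu, 0x0000FFFFu, 0x1u};
    const Words b = {0x0F0F0F0Fu, 0x00000000u};
    return (overruns(a, b, false) && !overruns(a, b, true)) ? 0 : 1;
}
```

The words dropped by the trimmed copy are zero, so ANDing only `result.size()` words leaves the value of the result unchanged.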