CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2015/10/21 10:36:50
Modified files:
lib/libssl/src/crypto/rc4: rc4_enc.c
Log message:
In the case where len is not a multiple of sizeof(RC4_CHUNK) the RC4 code
will end up doing a read and write of up to 7 bytes beyond the specified
length. This is effectively a non-issue since we read and write back the
same data and due to alignment it is within a page boundary.
Regardless, avoid this by removing the "special" handling for the remaining
length and allow the standard (non-chunk) code to process the remaining
bytes, which does not result in overrun.
Reported by Pascal Cuoq <cuoq at trust-in-soft.com> - thanks!
ok beck@ miod@
