Hi all,
I am reviewing the curvezmq code with a debugger :
Fact :
in curvezmq_codec.c (s_encrypt from s_produce_hello, line 288) :
memcpy (target, box + crypto_box_BOXZEROBYTES, size +
crypto_box_BOXZEROBYTES);
copies from (box + crypto_box_BOXZEROBYTES) (size +
crypto_box_BOXZEROBYTES) bytes
Debugger aborts (while the executable itself in a shell works well).
Consequences :
1) an amount of (crypto_box_BOXZEROBYTES) undefined bytes after the
box are copied to target, while the box is malloc-ed with a size of
(crypto_box_ZEROBYTES + size)
2) the spec "target must be nonce + box" is not fullfilled since
the first crypto_box_BOXZEROBYTES bytes of the box are not copied to
target (may be ok since they are zeros)
Possible solutions :
1) change to : memcpy (target, box + crypto_box_BOXZEROBYTES, size);
and set appropriatly the remaining (crypto_box_BOXZEROBYTES)
bytes of target
2) change to : memcpy (target, box, size + crypto_box_BOXZEROBYTES);
and adapt the size of target : hello_t.box becomes : bytes box[96]
3) change to : memcpy (target, box + crypto_box_BOXZEROBYTES, size);
and adapt the size of target : hello_t.box becomes : bytes box[64]
In addition : box should be malloc-ed with a size of
(crypto_box_BOXZEROBYTES + size) instead of (crypto_box_ZEROBYTES + size)
Cheers,
Laurent.
_______________________________________________
zeromq-dev mailing list
[email protected]
http://lists.zeromq.org/mailman/listinfo/zeromq-dev
