Merge pull request #2920 from matrix/fix_25500_bof

Fixed buffer overflow in Stargazer Stellar Wallet XLM module
2025-02-22 20:42:07 +00:00 · 2021-08-01 10:27:28 +02:00 · 2021-08-01 10:27:28 +02:00 · 4d848cabbc
commit 4d848cabbc
parent 6bcbc218d6 a440a4dee5
2 changed files with 4 additions and 3 deletions
--- a/docs/changes.txt
+++ b/docs/changes.txt
@ -11,6 +11,7 @@
 ## Bugs
 ##

+- Fixed buffer overflow in Stargazer Stellar Wallet XLM module in hash_encode() if a hash was cracked
 - Fixed autotune unitialized tmps variable for slow hashes by calling _init kernel before calling _loop kernel
 - Fixed datatype in function sha384_hmac_init_vector_128() that could come into effect if vector datatype was manually set
 - Fixed false negative in all VeraCrypt hash-modes if both conditions are met: 1. use CPU for cracking and 2. PIM range was used
--- a/src/modules/module_25500.c
+++ b/src/modules/module_25500.c
@ -247,9 +247,9 @@ int module_hash_encode (MAYBE_UNUSED const hashconfig_t *hashconfig, MAYBE_UNUSE

  // salt

-  #define SALT_LEN_BASE64 ((16 * 8) / 6) + 3
-  #define IV_LEN_BASE64   ((12 * 8) / 6) + 3
-  #define CT_LEN_BASE64   ((72 * 8) / 6) + 3
+  #define SALT_LEN_BASE64 ((16 * 8) / 6) + 3 + 1 // 25 vs 24
+  #define IV_LEN_BASE64   ((12 * 8) / 6) + 1     // 17 vs 16
+  #define CT_LEN_BASE64   ((72 * 8) / 6) + 1     // 97 vs 96

  u8 salt_buf[SALT_LEN_BASE64] = { 0 };