motorhead/qemu
1
0
Fork 0
mirror of https://github.com/Motorhead1991/qemu.git synced 2025-08-05 00:33:55 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions

crypto/hash: avoid overwriting user supplied result pointer

Browse source 
If the user provides a pre-allocated buffer for the hash result,
we must use that rather than re-allocating a new buffer.

Reported-by: Dorjoy Chowdhury <dorjoychy111@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Daniel P. Berrangé 2024-10-15 13:25:36 +01:00
parent b5b89e9bc6
commit dde538c9a7
4 changed files with 44 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

16
crypto/hash-gnutls.c
View file

@ -115,14 +115,24 @@ int qcrypto_gnutls_hash_finalize(QCryptoHash *hash,
Error **errp)
{
gnutls_hash_hd_t *ctx = hash->opaque;
int ret;
*result_len = gnutls_hash_get_len(qcrypto_hash_alg_map[hash->alg]);
if (*result_len == 0) {
ret = gnutls_hash_get_len(qcrypto_hash_alg_map[hash->alg]);
if (ret == 0) {
error_setg(errp, "Unable to get hash length");
return -1;
}
*result = g_new(uint8_t, *result_len);
if (*result_len == 0) {
*result_len = ret;
*result = g_new(uint8_t, *result_len);
} else if (*result_len != ret) {
error_setg(errp,
"Result buffer size %zu is smaller than hash %d",
*result_len, ret);
return -1;
}
gnutls_hash_output(*ctx, *result);
return 0;
}