NotificationsYou must be signed in to change notification settings
Fork5
Star26

Commit2103218

committed

Fix stack clobber in new uuid-ossp code.

The V5 (SHA1 hashing) code wrote 20 bytes into a 16-byte local variable.This had accidentally failed to fail in my testing and Matteo's, butbuildfarm results exposed the problem.

1 parent8232d6d commit2103218Copy full SHA for 2103218

File tree

1 file changed

-1

lines changed

contrib/uuid-ossp
- uuid-ossp.c

1 file changed

-1

lines changed

`‎contrib/uuid-ossp/uuid-ossp.c`

Lines changed: 4 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -316,16 +316,19 @@ uuid_generate_internal(int v, unsigned char ns, char ptr, int len)`
`316`	`316`	`MD5Init(&ctx);`
`317`	`317`	`MD5Update(&ctx,ns,sizeof(uu));`
`318`	`318`	`MD5Update(&ctx, (unsignedchar*)ptr,len);`
	`319`	`+/* we assume sizeof MD5 result is 16, same as UUID size */`
`319`	`320`	`MD5Final((unsignedchar*)&uu,&ctx);`
`320`	`321`	`}`
`321`	`322`	`else`
`322`	`323`	`{`
`323`	`324`	`SHA1_CTXctx;`
	`325`	`+unsignedcharsha1result[SHA1_RESULTLEN];`
`324`	`326`
`325`	`327`	`SHA1Init(&ctx);`
`326`	`328`	`SHA1Update(&ctx,ns,sizeof(uu));`
`327`	`329`	`SHA1Update(&ctx, (unsignedchar*)ptr,len);`
`328`		`-SHA1Final((unsignedchar*)&uu,&ctx);`
	`330`	`+SHA1Final(sha1result,&ctx);`
	`331`	`+memcpy(&uu,sha1result,sizeof(uu));`
`329`	`332`	`}`
`330`	`333`
`331`	`334`	`/* the calculated hash is using local order */`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit2103218

File tree

1 file changed

1 file changed

`‎contrib/uuid-ossp/uuid-ossp.c`

0 commit comments