RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-06-01 12:08:14 +00:00
Code Issues Activity Actions

LibCrypto: Fix an out-of-bounds access in UnsignedBigInteger

Browse source 
This is working fine for TLS because we have a big enough inline
capacity, but in theory we could have crashed at any time even with
our 512 words of inline capacity.
This commit is contained in:
DexesTTP 2021-05-13 08:30:29 +02:00 committed by Linus Groh
parent 28a6a9a08f
commit 0853d98420
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Userland/Libraries/LibCrypto/BigInt/UnsignedBigInteger.cpp
View file

@ -248,7 +248,7 @@ void UnsignedBigInteger::set_bit_inplace(size_t bit_index)
const size_t word_index = bit_index / UnsignedBigInteger::BITS_IN_WORD;
const size_t inner_word_index = bit_index % UnsignedBigInteger::BITS_IN_WORD;
m_words.ensure_capacity(word_index);
m_words.ensure_capacity(word_index + 1);
for (size_t i = length(); i <= word_index; ++i) {
m_words.unchecked_append(0);