Fwd: EccGnuPG Bug Report

Sergi Blanch i Torne sbt at megacceso.com
Fri Mar 30 23:19:22 CEST 2007


Hi,

To day I receive a bug report. The affected functions are not in the Libgcrypt 
port. The solution was discussed also to day with Timo, but the patch is not 
yet. Sorry, I will do as soon as possible.

This bad use of the wipememory() function can be found in sha256_hashing() and 
aes256_{encrypting,decrypting}() functions.

Oh, this bug affect also the other branch, the 0.1.

Thanks Timo

/Sergi.

----------  Missatge reenviat  ----------

Subject: EccGnuPG Bug Report
Date: Divendres, 30 de Març de 2007 13:20
From: Timo Schulz <twoaday at gmx.net>
To: d4372211 at alumnes.eup.udl.es

Hi,

based on your 0.2.0beta1 patch, I'm couldn't find any information
that this problem has been reported before, there is a 'bug' in
the way you use the wipememory function:

byte *hash_input_buf;

wipememory( hash_inp_buf, sizeof hash_inp_buf );


actually it should be
wipememory (hash_inp_buf, nbytes);
otherwise only sizeof (unsigned char *) == (4 or 8)
bytes would be overwritten.


	Timo

-------------------------------------------------------




More information about the Gnupg-devel mailing list