Out-of-bounds writing and related unexpected behavior when element size > 1
cookiemon opened this issue · comments
There are some problems when key
or data
is an Array or Strings with an element size > 1 (e.g. Array{UInt32}
or UTF16String
).
encrypt!
and decrypt!
can write out of bounds and only encrypt parts of the data. The constructors of Encryptor
and Decryptor
expect a longer key than necessary and ignores the extra characters that you have to pass.
Some examples of this behavior: https://gist.github.com/cookiemon/408491052f701bc82973
The output this prints is: https://gist.github.com/cookiemon/06cf732f1ee94d9419c8
I expect it to either fail on unsupported types or encrypt/decrypt whole data, not write oob and not ignore bytes in key
that must be passed.
These are very good catches, and I'm commenting here to ensure that I remember to fix this.
Issues 1 and 3 in the script above have been addressed by #64, but the second issue (writing out of bounds) persists.
@cookiemon I have revisited this, and I think the 2nd issue presented in your scripts is not an issue at all, but instead a mismatch of datatypes.
Your data
input array is a Uint16
of length 16, which will require 32 bytes of storage to encrypt. out1
is not long enough for this output, which previously was unnoticed but now is rejected by encrypt!()
for being too short. out2
is long enough, and as such its entire length will be used.
With this, I consider all of these errors fixed. Thank you for your patience, and if you run into further issues, please do not hesitate to report them.