Undersized SipHash key leads to buffer out-of-bounds read

Question

Undersized SipHash key leads to buffer out-of-bounds read

guidovranken opened this issue 4 years ago · comments

#include <seckey.h>
#include <siphash.h>

int main(void)
{
    const uint8_t key[3] = { 0 };
    ::CryptoPP::SipHash<2, 4, false> siphash(key, sizeof(key));
    return 0;
}

I think it would be more appropriate to throw an exception in this case?

Jeffrey Walton · Answer 1 · Tue May 05 2020 00:52:01 GMT+0800 (China Standard Time)

Thanks @guidovranken.

Can you give Commit d6a5b7664bde a try?

diff --git a/siphash.h b/siphash.h
index 76dcccf6..4ffe1b50 100644
--- a/siphash.h
+++ b/siphash.h
@@ -148,7 +148,8 @@ public:
        /// \param key a byte array used to key the cipher
        /// \param length the size of the byte array, in bytes
        SipHash(const byte *key, unsigned int length)
-               {this->UncheckedSetKey(key, length, g_nullNameValuePairs);}
+               {this->ThrowIfInvalidKeyLength(length);
+                this->UncheckedSetKey(key, length, g_nullNameValuePairs);}
 };

 template <unsigned int C, unsigned int D, bool T_128bit>

Guido Vranken · Answer 2 · Tue May 05 2020 00:59:19 GMT+0800 (China Standard Time)

Thank you, confirmed fixed.