eliott/ladybird
1
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird synced 2026-04-28 10:37:17 +02:00
Code Issues Packages Projects Releases Wiki Activity

LibCrypto: Fix an out-of-bounds access in UnsignedBigInteger

Browse Source 
This is working fine for TLS because we have a big enough inline
capacity, but in theory we could have crashed at any time even with
our 512 words of inline capacity.
This commit is contained in:
DexesTTP
2021-05-13 08:30:29 +02:00
committed by Linus Groh
parent 28a6a9a08f
commit 0853d98420
Notes: sideshowbarker 2024-07-18 18:13:56 +09:00 
Author: https://github.com/Dexesttp
Commit: https://github.com/SerenityOS/serenity/commit/0853d98420d
Pull-request: https://github.com/SerenityOS/serenity/pull/7067
Reviewed-by: https://github.com/alimpfard
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Userland/Libraries/LibCrypto/BigInt/UnsignedBigInteger.cpp
View File

@@ -248,7 +248,7 @@ void UnsignedBigInteger::set_bit_inplace(size_t bit_index)
const size_t word_index = bit_index / UnsignedBigInteger::BITS_IN_WORD;
const size_t inner_word_index = bit_index % UnsignedBigInteger::BITS_IN_WORD;
m_words.ensure_capacity(word_index);
m_words.ensure_capacity(word_index + 1);
for (size_t i = length(); i <= word_index; ++i) {
m_words.unchecked_append(0);