From d25e6bd2cfef1602242c75d64d13a5ff5200dc70 Mon Sep 17 00:00:00 2001 From: Solar Designer Date: Fri, 5 Jan 2024 17:45:31 +0100 Subject: [PATCH] VMX format: Fix data over-read bug --- src/vmx_fmt_plug.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/vmx_fmt_plug.c b/src/vmx_fmt_plug.c index 0c61c59a88..7482ee29a4 100644 --- a/src/vmx_fmt_plug.c +++ b/src/vmx_fmt_plug.c @@ -91,13 +91,13 @@ static char *get_key(int index) static int vmx_decrypt(struct custom_salt *cur_salt, unsigned char *key, unsigned char *data) { - unsigned char out[BLOBLEN]; + unsigned char out[16]; unsigned char ivec[16]; AES_KEY aes_decrypt_key; memcpy(ivec, data, 16); AES_set_decrypt_key(key, 256, &aes_decrypt_key); - AES_cbc_encrypt(cur_salt->blob + 16, out, BLOBLEN - 16, &aes_decrypt_key, ivec, AES_DECRYPT); + AES_cbc_encrypt(cur_salt->blob + 16, out, 16, &aes_decrypt_key, ivec, AES_DECRYPT); return memcmp(out, "type=key:cipher=", 16) == 0; }