[tahoe-dev] [pycryptopp] #67: Use of uninitialised value in CryptoPP::Rijndael_Enc_AdvancedProcessBlocks
pycryptopp
trac at allmydata.org
Mon Jan 10 23:51:03 UTC 2011
#67: Use of uninitialised value in CryptoPP::Rijndael_Enc_AdvancedProcessBlocks
--------------------------+-------------------------------------------------
Reporter: Nikratio | Owner: Nikratio
Type: defect | Status: new
Priority: major | Version: 0.5.19
Resolution: | Keywords:
Launchpad Bug: |
--------------------------+-------------------------------------------------
Comment (by Nikratio):
Here you go:
{{{
$ valgrind python-dbg contrib/test.py
==19162== Memcheck, a memory error detector
==19162== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==19162== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for
copyright info
==19162== Command: python-dbg contrib/test.py
==19162==
==19162== Use of uninitialised value of size 4
==19162== at 0x5121325:
CryptoPP::Rijndael_Enc_AdvancedProcessBlocks(void*, unsigned int const*)
(in /usr/lib/libcrypto++.so.8.0.0)
==19162== by 0x512151D:
CryptoPP::Rijndael::Enc::AdvancedProcessBlocks(unsigned char const*,
unsigned char const*, unsigned char*, unsigned int, unsigned int) const
(in /usr/lib/libcrypto++.so.8.0.0)
==19162== by 0x50FC341:
CryptoPP::CTR_ModePolicy::OperateKeystream(CryptoPP::KeystreamOperation,
unsigned char*, unsigned char const*, unsigned int) (in
/usr/lib/libcrypto++.so.8.0.0)
==19162== by 0x4E2405E:
CryptoPP::CTR_ModePolicy::WriteKeystream(unsigned char*, unsigned int)
(modes.h:151)
==19162== by 0x505648E:
CryptoPP::AdditiveCipherTemplate<CryptoPP::AbstractPolicyHolder<CryptoPP::AdditiveCipherAbstractPolicy,
CryptoPP::CTR_ModePolicy> >::ProcessData(unsigned char*, unsigned char
const*, unsigned int) (in /usr/lib/libcrypto++.so.8.0.0)
==19162== by 0x4E23A5D: AES_process(AES*, _object*) (aesmodule.cpp:77)
==19162== by 0x80F92A8: call_function (ceval.c:3738)
==19162== by 0x80F4ACA: PyEval_EvalFrameEx (ceval.c:2412)
==19162== by 0x80F98F3: fast_function (ceval.c:3836)
==19162== by 0x80F964C: call_function (ceval.c:3771)
==19162== by 0x80F4ACA: PyEval_EvalFrameEx (ceval.c:2412)
==19162== by 0x80F7214: PyEval_EvalCodeEx (ceval.c:3000)
==19162==
[19593 refs]
==19162==
==19162== HEAP SUMMARY:
==19162== in use at exit: 565,451 bytes in 5,895 blocks
==19162== total heap usage: 51,971 allocs, 46,076 frees, 5,439,309 bytes
allocated
==19162==
==19162== LEAK SUMMARY:
==19162== definitely lost: 0 bytes in 0 blocks
==19162== indirectly lost: 0 bytes in 0 blocks
==19162== possibly lost: 544,863 bytes in 5,576 blocks
==19162== still reachable: 20,588 bytes in 319 blocks
==19162== suppressed: 0 bytes in 0 blocks
==19162== Rerun with --leak-check=full to see details of leaked memory
==19162==
==19162== For counts of detected and suppressed errors, rerun with: -v
==19162== Use --track-origins=yes to see where uninitialised values come
from
==19162== ERROR SUMMARY: 2 errors from 1 contexts (suppressed: 50 from 11)
}}}
{{{
$ cat contrib/test.py
import hmac
import pycryptopp
import hashlib
import struct
def encrypt(buf, passphrase, nonce):
key = hashlib.sha256(passphrase + nonce).digest()
cipher = pycryptopp.cipher.aes.AES(key)
hmac_ = hmac.new(key, digestmod=hashlib.sha256)
hmac_.update(buf)
buf = cipher.process(buf)
hash_ = cipher.process(hmac_.digest())
return b''.join(
(struct.pack(b'<B', len(nonce)),
nonce, hash_, buf))
encrypt('foobar', 'passphrase', 'nonce')
}}}
--
Ticket URL: <http://allmydata.org/trac/pycryptopp/ticket/67#comment:2>
pycryptopp <http://allmydata.org/trac/pycryptopp>
Python bindings for the Crypto++ library
More information about the tahoe-dev
mailing list