j3d1/tinc
1
0
Fork 0
Code Issues1 Pull requests Releases Wiki Activity

msg buffer may contain random data - just clean it up

Browse source
This commit is contained in:
thorkill 2016-05-17 22:55:16 +02:00
parent ff8f57c130
commit 3e9638b0cb
1 changed files with 3 additions and 1 deletions

4
src/sptps.c
View file

@ -296,6 +296,8 @@ static bool receive_sig(sptps_t *s, const char *data, uint16_t len) {
// Concatenate both KEX messages, plus tag indicating if it is from the connection originator // Concatenate both KEX messages, plus tag indicating if it is from the connection originator
char msg[(1 + 32 + keylen) * 2 + 1 + s->labellen]; char msg[(1 + 32 + keylen) * 2 + 1 + s->labellen];
memset(msg, 0x0, sizeof(msg));
msg[0] = !s->initiator; msg[0] = !s->initiator;
memcpy(msg + 1, s->hiskex, 1 + 32 + keylen); memcpy(msg + 1, s->hiskex, 1 + 32 + keylen);
memcpy(msg + 1 + 33 + keylen, s->mykex, 1 + 32 + keylen); memcpy(msg + 1 + 33 + keylen, s->mykex, 1 + 32 + keylen);
@ -306,7 +308,7 @@ static bool receive_sig(sptps_t *s, const char *data, uint16_t len) {
return error(s, EIO, "Failed to verify SIG record"); return error(s, EIO, "Failed to verify SIG record");
// Compute shared secret. // Compute shared secret.
char shared[ECDH_SHARED_SIZE]; char shared[ECDH_SHARED_SIZE] = { 0 };
if(!ecdh_compute_shared(s->ecdh, s->hiskex + 1 + 32, shared)) if(!ecdh_compute_shared(s->ecdh, s->hiskex + 1 + 32, shared))
return error(s, EINVAL, "Failed to compute ECDH shared secret"); return error(s, EINVAL, "Failed to compute ECDH shared secret");