projects
/
oweals
/
tinc.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix possible read of freed memory when verifying the signature of a file.
[oweals/tinc.git]
/
src
/
sptps.c
diff --git
a/src/sptps.c
b/src/sptps.c
index 7bd271b936ba2591d39a926762d8a5b8d6870977..712d50ea8d2d68d8787fda3793d2c2fcec36abd8 100644
(file)
--- a/
src/sptps.c
+++ b/
src/sptps.c
@@
-204,7
+204,7
@@
static bool generate_key_material(sptps_t *s, const char *shared, size_t len) {
// Create the HMAC seed, which is "key expansion" + session label + server nonce + client nonce
char seed[s->labellen + 64 + 13];
// Create the HMAC seed, which is "key expansion" + session label + server nonce + client nonce
char seed[s->labellen + 64 + 13];
-
strcpy(seed, "key expansion"
);
+
memcpy(seed, "key expansion", 13
);
if(s->initiator) {
memcpy(seed + 13, s->mykex + 1, 32);
memcpy(seed + 45, s->hiskex + 1, 32);
if(s->initiator) {
memcpy(seed + 13, s->mykex + 1, 32);
memcpy(seed + 45, s->hiskex + 1, 32);