Buffer overrun in e_rc4.c was fixed in Nov 2002 in HEAD and 0_9_7 branches,

author Andy Polyakov <appro@openssl.org>

Sun, 18 Jan 2004 16:56:57 +0000 (16:56 +0000)

committer Andy Polyakov <appro@openssl.org>

Sun, 18 Jan 2004 16:56:57 +0000 (16:56 +0000)
author Andy Polyakov <appro@openssl.org>
Sun, 18 Jan 2004 16:56:57 +0000 (16:56 +0000)
committer Andy Polyakov <appro@openssl.org>
Sun, 18 Jan 2004 16:56:57 +0000 (16:56 +0000)
diff --git a/crypto/evp/e_rc4.c b/crypto/evp/e_rc4.c

index 1c1e3b38575a3a5885cbe9ba910c49771b7140a3..48f60e623163e459146779a863528efc0855ebf9 100644 (file)
--- a/crypto/evp/e_rc4.c
+++ b/crypto/evp/e_rc4.c
@@ -110,9 +110,8 @@ EVP_CIPHER *EVP_rc4_40(void)
  static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                         const unsigned char *iv, int enc)
         {
-       memcpy(&(ctx->c.rc4.key[0]),key,EVP_CIPHER_CTX_key_length(ctx));
         RC4_set_key(&(ctx->c.rc4.ks),EVP_CIPHER_CTX_key_length(ctx),
-               ctx->c.rc4.key);
+                   key);
         return 1;
         }
author	Andy Polyakov <appro@openssl.org>
	Sun, 18 Jan 2004 16:56:57 +0000 (16:56 +0000)
committer	Andy Polyakov <appro@openssl.org>
	Sun, 18 Jan 2004 16:56:57 +0000 (16:56 +0000)