Fix buffer overrun in SRP (#7484)

author red-001 <red-001@outlook.ie>

Tue, 26 Jun 2018 08:02:26 +0000 (09:02 +0100)

committer Loïc Blot <nerzhul@users.noreply.github.com>

Tue, 26 Jun 2018 08:02:26 +0000 (10:02 +0200)
author red-001 <red-001@outlook.ie>
Tue, 26 Jun 2018 08:02:26 +0000 (09:02 +0100)
committer Loïc Blot <nerzhul@users.noreply.github.com>
Tue, 26 Jun 2018 08:02:26 +0000 (10:02 +0200)
diff --git a/src/util/srp.cpp b/src/util/srp.cpp

index 9aed9eb0c66dad1cb261bc33dc973fd688085dd0..a3452e022b3578d4b351f1360a8a890dc653b82c 100644 (file)
--- a/src/util/srp.cpp
+++ b/src/util/srp.cpp
@@ -613,7 +613,7 @@ SRP_Result srp_create_salted_verification_key( SRP_HashAlgorithm alg,
                         if (fill_buff() != SRP_OK) goto error_and_exit;
                 *bytes_s = (unsigned char *)srp_alloc(size_to_fill);
                 if (!*bytes_s) goto error_and_exit;
-               memcpy(*bytes_s, &g_rand_buff + g_rand_idx, size_to_fill);
+               memcpy(*bytes_s, &g_rand_buff[g_rand_idx], size_to_fill);
                 g_rand_idx += size_to_fill;
         }
author	red-001 <red-001@outlook.ie>
	Tue, 26 Jun 2018 08:02:26 +0000 (09:02 +0100)
committer	Loïc Blot <nerzhul@users.noreply.github.com>
	Tue, 26 Jun 2018 08:02:26 +0000 (10:02 +0200)