Fix buffer overrun in SRP (#7484)

author red-001 <red-001@outlook.ie>

Tue, 26 Jun 2018 08:02:26 +0000 (09:02 +0100)

committer Loïc Blot <nerzhul@users.noreply.github.com>

Thu, 28 Jun 2018 17:11:01 +0000 (19:11 +0200)
author red-001 <red-001@outlook.ie>
Tue, 26 Jun 2018 08:02:26 +0000 (09:02 +0100)
committer Loïc Blot <nerzhul@users.noreply.github.com>
Thu, 28 Jun 2018 17:11:01 +0000 (19:11 +0200)
diff --git a/src/util/srp.cpp b/src/util/srp.cpp

index f27f4f3f91a25786a88e8f4f74d4ba7fd2c8dde3..af68d6f547bf7c5175818b2528eb9b0001efccf1 100644 (file)
--- a/src/util/srp.cpp
+++ b/src/util/srp.cpp
@@ -612,7 +612,7 @@ SRP_Result srp_create_salted_verification_key( SRP_HashAlgorithm alg,
                         if (fill_buff() != SRP_OK) goto error_and_exit;
                 *bytes_s = (unsigned char *)srp_alloc(size_to_fill);
                 if (!*bytes_s) goto error_and_exit;
-               memcpy(*bytes_s, &g_rand_buff + g_rand_idx, size_to_fill);
+               memcpy(*bytes_s, &g_rand_buff[g_rand_idx], size_to_fill);
                 g_rand_idx += size_to_fill;
         }
author	red-001 <red-001@outlook.ie>
	Tue, 26 Jun 2018 08:02:26 +0000 (09:02 +0100)
committer	Loïc Blot <nerzhul@users.noreply.github.com>
	Thu, 28 Jun 2018 17:11:01 +0000 (19:11 +0200)