From 2984afdad9696e4de4762ebc0039f9353773f66c Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Thu, 8 Jun 2017 16:05:52 -0400 Subject: [PATCH] Fix a read off the end of the input buffer when building with OPENSSL_SMALL_FOOTPRINT defined. Reviewed-by: Tim Hudson Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/3533) (cherry picked from commit 0b20ad127ce86b05a854f31d51d91312c86ccc74) --- crypto/whrlpool/wp_dgst.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/whrlpool/wp_dgst.c b/crypto/whrlpool/wp_dgst.c index ed064244fa..6d925517a2 100644 --- a/crypto/whrlpool/wp_dgst.c +++ b/crypto/whrlpool/wp_dgst.c @@ -174,7 +174,7 @@ void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c, const void *_inp, size_t bits) goto reconsider; } else #endif - if (bits >= 8) { + if (bits > 8) { b = ((inp[0] << inpgap) | (inp[1] >> (8 - inpgap))); b &= 0xff; if (bitrem) @@ -191,7 +191,7 @@ void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c, const void *_inp, size_t bits) } if (bitrem) c->data[byteoff] = b << (8 - bitrem); - } else { /* remaining less than 8 bits */ + } else { /* remaining less than or equal to 8 bits */ b = (inp[0] << inpgap) & 0xff; if (bitrem) -- 2.25.1