Details
Type: Task
Status: Closed
Priority: Major
Resolution: Fixed
Description
Calls to `encryption_crypt` (service_encryption.h) generally seem to pass an uninitialized `*dlen` straight through to the encryption service calls. `*dlen` is an output value that receives the number of bytes written to the `dst` buffer. These calls should be updated to pass the actual length of the `dst` buffer instead of an uninitialized value.
There is no problem for encryption schemes where it can be assumed that `dlen == slen`. However, in cases where the two may differ, it would be good to allow for debug assertions that validate the destination buffer is large enough.
In general the buffer should be large enough, but it is currently impossible to verify this in code. Finding the information in the source is also difficult, so plugin writers have no way to verify that they are not creating buffer overwrites.
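The following is an added illustration, not code from the project or from this issue: a stand-in service call whose output is block-padded (so the written length can exceed `slen`), and a wrapper that initializes `*dlen` with the `dst` capacity so the service can refuse a buffer that is too small and a debug assertion can check the result. The function names, the 16-byte padding and the toy transform are assumptions made for the example.

```c
#include <assert.h>
#include <stdint.h>
#include <string.h>

#define BLOCK 16

/* Stand-in for an encryption service call (hypothetical, not the real API):
 * on entry *dlen is the capacity of dst, on return the bytes written.
 * Output is padded up to a BLOCK multiple, so *dlen may exceed slen. */
static int demo_service_crypt(const uint8_t *src, unsigned int slen,
                              uint8_t *dst, unsigned int *dlen)
{
    unsigned int need = (slen / BLOCK + 1) * BLOCK;  /* padded size */
    if (*dlen < need)
        return 1;                      /* destination too small: refuse */
    for (unsigned int i = 0; i < slen; i++)
        dst[i] = src[i] ^ 0x5a;        /* toy transform, not a cipher */
    memset(dst + slen, (int)(need - slen), need - slen);  /* padding */
    *dlen = need;
    return 0;
}

/* Wrapper in the spirit of the fix. The defect described in the issue is
 * the pattern "unsigned int dlen; service(src, slen, dst, &dlen);" where
 * the service reads garbage as the capacity. Here the caller supplies the
 * real capacity and a debug assertion checks the written length fits. */
static int demo_encryption_crypt(const uint8_t *src, unsigned int slen,
                                 uint8_t *dst, unsigned int dst_cap,
                                 unsigned int *dlen)
{
    *dlen = dst_cap;                   /* in: capacity of dst */
    int rc = demo_service_crypt(src, slen, dst, dlen);
    assert(rc != 0 || *dlen <= dst_cap);  /* out: bytes written must fit */
    return rc;
}

/* Runs the wrapper on a constructed 20-byte input with the given dst
 * capacity; returns bytes written on success, -1 if the buffer was too small. */
static int demo_run(unsigned int dst_cap)
{
    const char sample[] = "constructed sample!!";  /* constructed input */
    uint8_t src[20], dst[64];
    unsigned int written = 0;
    if (dst_cap > sizeof dst)
        return -1;
    memcpy(src, sample, sizeof src);
    if (demo_encryption_crypt(src, sizeof src, dst, dst_cap, &written) != 0)
        return -1;
    return (int)written;
}
```

With a 20-byte input the padded output is 32 bytes, so a `dst` sized to `slen` is rejected instead of being overrun.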