[Libreoffice-commits] core.git: oox/source

Caolán McNamara (via logerrit) logerrit at kemper.freedesktop.org
Sun Oct 4 16:02:54 UTC 2020


 oox/source/crypto/AgileEngine.cxx |   15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

New commits:
commit e11cdf021a1ee7ff95733699e75c35af72c54c69
Author:     Caolán McNamara <caolanm at redhat.com>
AuthorDate: Sun Oct 4 15:00:20 2020 +0100
Commit:     Caolán McNamara <caolanm at redhat.com>
CommitDate: Sun Oct 4 18:02:11 2020 +0200

    ofz#26128 check at start instead of end if encryptedHashValue is too small
    
    Change-Id: I10774802c96f6f0912a4ee3bf9a6a2a9482b7c94
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103918
    Tested-by: Jenkins
    Reviewed-by: Caolán McNamara <caolanm at redhat.com>

diff --git a/oox/source/crypto/AgileEngine.cxx b/oox/source/crypto/AgileEngine.cxx
index ad01e31def83..179317510880 100644
--- a/oox/source/crypto/AgileEngine.cxx
+++ b/oox/source/crypto/AgileEngine.cxx
@@ -318,7 +318,13 @@ bool generateBytes(std::vector<sal_uInt8> & rBytes, sal_Int32 nSize)
 
 bool AgileEngine::decryptAndCheckVerifierHash(OUString const & rPassword)
 {
-    std::vector<sal_uInt8> hashFinal(mInfo.hashSize, 0);
+    std::vector<sal_uInt8>& encryptedHashValue = mInfo.encryptedVerifierHashValue;
+    size_t encryptedHashValueSize = encryptedHashValue.size();
+    size_t nHashValueSize = mInfo.hashSize;
+    if (nHashValueSize > encryptedHashValueSize)
+        return false;
+
+    std::vector<sal_uInt8> hashFinal(nHashValueSize, 0);
     calculateHashFinal(rPassword, hashFinal);
 
     std::vector<sal_uInt8>& encryptedHashInput = mInfo.encryptedVerifierHashInput;
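Review bot: The new guard at the top of decryptAndCheckVerifierHash bounds `mInfo.hashSize` only from above, so a value of 0 still passes it. If `hash` keeps that size through hashCalc (its body is not in this diff), the final `std::equal` compares an empty range and returns true for any password. Unless hashSize is already validated where mInfo is populated, which is not visible here, the guard could read `if (nHashValueSize == 0 || nHashValueSize > encryptedHashValueSize) return false;`. A short comment such as `// both sizes come from mInfo; reject before the key derivation if the verifier cannot hold hashSize bytes` would also record why the check sits ahead of calculateHashFinal. The function body continues past this hunk.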
@@ -327,14 +333,13 @@ bool AgileEngine::decryptAndCheckVerifierHash(OUString const & rPassword)
     std::vector<sal_uInt8> hashInput(nSaltSize, 0);
     calculateBlock(constBlock1, hashFinal, encryptedHashInput, hashInput);
 
-    std::vector<sal_uInt8>& encryptedHashValue = mInfo.encryptedVerifierHashValue;
-    std::vector<sal_uInt8> hashValue(encryptedHashValue.size(), 0);
+    std::vector<sal_uInt8> hashValue(encryptedHashValueSize, 0);
     calculateBlock(constBlock2, hashFinal, encryptedHashValue, hashValue);
 
-    std::vector<sal_uInt8> hash(mInfo.hashSize, 0);
+    std::vector<sal_uInt8> hash(nHashValueSize, 0);
     hashCalc(hash, hashInput, mInfo.hashAlgorithm);
 
-    return (hash.size() <= hashValue.size() && std::equal(hash.begin(), hash.end(), hashValue.begin()));
+    return std::equal(hash.begin(), hash.end(), hashValue.begin());
 }
 
 void AgileEngine::decryptEncryptionKey(OUString const & rPassword)
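Review bot: The three-iterator `std::equal` on the last line is now safe only if `hash.size()` still equals `nHashValueSize` after `hashCalc(hash, hashInput, mInfo.hashAlgorithm)`. The removed condition tested the actual `hash.size()` against `hashValue.size()`, whereas the early check tests `mInfo.hashSize`. If hashCalc assigns or resizes its output to the digest length of the algorithm (its body is not shown in this diff), a hashSize smaller than that digest would pass the early check and the comparison would read past the end of `hashValue`. Adding `if (hash.size() != nHashValueSize) return false;` just before the return keeps the early rejection and restores the bound on what is actually compared. The lines between the two hunks, including where `nSaltSize` is set, are not visible here.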

