From 3db5de939481ba0c80695c94a7060945399858a3 Mon Sep 17 00:00:00 2001 From: Ben Pfaff Date: Mon, 23 Dec 2013 19:24:42 -0800 Subject: [PATCH] cmac-aes256: Correct size of local rk[] array. This array was undersized, yielding undefined behavior. It happened to work OK when compiled -O2 with GCC 4.7.x for x86, and fail with compiled -O0 in the same environment. This fixes the problem. Reported by John Darrington. --- src/libpspp/cmac-aes256.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libpspp/cmac-aes256.c b/src/libpspp/cmac-aes256.c index fb8ea165fa..718b3062dc 100644 --- a/src/libpspp/cmac-aes256.c +++ b/src/libpspp/cmac-aes256.c @@ -44,7 +44,7 @@ cmac_aes256(const uint8_t key[32], uint8_t cmac[16]) { const char zeros[16] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; - uint32_t rk[4 * RIJNDAEL_MAXNR + 1]; + uint32_t rk[4 * (RIJNDAEL_MAXNR + 1)]; uint8_t k1[16], k2[16], L[16]; const uint8_t *data = data_; uint8_t c[16], tmp[16]; -- 2.30.2