From: Loup Vaillant <loup@loup-vaillant.fr>
Date: Sun, 28 Jan 2018 22:51:43 +0000 (+0100)
Subject: Fixed buffer overflow (wipe too big)
X-Git-Url: https://git.codecow.com/?a=commitdiff_plain;h=078850cdd57f737e46ad383b9b0f7cb1d032feef;p=Monocypher.git

Fixed buffer overflow (wipe too big)
---

diff --git a/src/monocypher.c b/src/monocypher.c
index 1f2fcd8..8e0b27b 100644
--- a/src/monocypher.c
+++ b/src/monocypher.c
@@ -1791,11 +1791,11 @@ int crypto_aead_unlock(u8       *plain_text,
     crypto_lock_auth(&ctx, cipher_text, text_size);
     crypto_chacha_ctx chacha_ctx = ctx.chacha; // avoid the wiping...
     if (crypto_unlock_final(&ctx, mac)) {      // ...that occurs here
-        crypto_wipe(&chacha_ctx, sizeof(ctx));
+        crypto_wipe(&chacha_ctx, sizeof(chacha_ctx));
         return -1; // reject forgeries before wasting our time decrypting
     }
     crypto_chacha20_encrypt(&chacha_ctx, plain_text, cipher_text, text_size);
-    crypto_wipe(&chacha_ctx, sizeof(ctx));
+    crypto_wipe(&chacha_ctx, sizeof(chacha_ctx));
     return 0;
 }