Open Bug 791875 Opened 12 years ago Updated 2 years ago

rijndael_encryptECB. rijndael_encryptCBC, etc. do not set the *outputLen output argument.

Categories

(NSS :: Libraries, defect, P2)

Product:
NSS
Component:
Libraries
Type:
defect

Tracking

(Not tracked)

People

(Reporter: wtc, Unassigned)

Details

Attachments

(1 obsolete file) 

rijndael_encryptECB, rijndael_encryptCBC, rijndael_decryptECB, and rijndael_decryptCBC
do not set the *outputLen output argument. This violates the NSS convention.

These functions are relying on their callers to set *outputLen on entry. Right now the
only callers are AES_Encrypt and AES_Decrypt. They set *outputLen = inputLen before
calling these functions.
Attached patch bug791875_v1.patch (obsolete) — Splinter Review 

        Attachment #8414292 -
        Flags: review?(wtc)

    
    

    
  
Comment on attachment 8414292 [details] [diff] [review]
bug791875_v1.patch

Cancelling review. After revisiting this, I'm no longer comfortable with making changes to what looks to me like rather important sensitive code.

        Attachment #8414292 -
        Attachment is obsolete: true

        Attachment #8414292 -
        Flags: review?(wtc)

    
  
Severity: normal → S3

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: