Open
Bug 791875
Opened 12 years ago
Updated 2 years ago
rijndael_encryptECB. rijndael_encryptCBC, etc. do not set the *outputLen output argument.
Categories
(NSS :: Libraries, defect, P2)
NSS
Libraries
Tracking
(Not tracked)
NEW
People
(Reporter: wtc, Unassigned)
Details
Attachments
(1 obsolete file)
rijndael_encryptECB, rijndael_encryptCBC, rijndael_decryptECB, and rijndael_decryptCBC do not set the *outputLen output argument. This violates the NSS convention. These functions are relying on their callers to set *outputLen on entry. Right now the only callers are AES_Encrypt and AES_Decrypt. They set *outputLen = inputLen before calling these functions.
Comment 1•10 years ago
|
||
Attachment #8414292 -
Flags: review?(wtc)
Comment 2•9 years ago
|
||
Comment on attachment 8414292 [details] [diff] [review] bug791875_v1.patch Cancelling review. After revisiting this, I'm no longer comfortable with making changes to what looks to me like rather important sensitive code.
Attachment #8414292 -
Attachment is obsolete: true
Attachment #8414292 -
Flags: review?(wtc)
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•