There's a bug in secblock.h in the handling of an aligned buffer. The
buffer is able to be aligned anywhere in 16 bytes, but the array has
only 8 extra allocated. This bug is only tripped when the memory falls
such that more than 8 bytes of realignment are required. It trips the
assert at line 197 of secblock.h as m_allocated gets overwritten.
line 220:
T* GetAlignedArray() {return (CRYPTOPP_BOOL_ALIGN16_ENABLED &&
T_Align16) ? (T*)(((byte *)m_array) + (0-(size_t)m_array)%16) :
m_array;}
line 221:
CRYPTOPP_ALIGN_DATA(8) T m_array[(CRYPTOPP_BOOL_ALIGN16_ENABLED &&
T_Align16) ? S+8/sizeof(T) : S];
Fix: change line 221 to:
CRYPTOPP_ALIGN_DATA(8) T m_array[(CRYPTOPP_BOOL_ALIGN16_ENABLED &&
T_Align16) ? S+16/sizeof(T) : S];
--
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
