#67: Use of uninitialised value in CryptoPP::Rijndael_Enc_AdvancedProcessBlocks --------------------------+------------------------------------------------- Reporter: Nikratio | Owner: Nikratio Type: defect | Status: new Priority: major | Version: 0.5.19 Resolution: | Keywords: Launchpad Bug: | --------------------------+-------------------------------------------------
Comment (by Nikratio): Here you go: {{{ $ valgrind python-dbg contrib/test.py ==19162== Memcheck, a memory error detector ==19162== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al. ==19162== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info ==19162== Command: python-dbg contrib/test.py ==19162== ==19162== Use of uninitialised value of size 4 ==19162== at 0x5121325: CryptoPP::Rijndael_Enc_AdvancedProcessBlocks(void*, unsigned int const*) (in /usr/lib/libcrypto++.so.8.0.0) ==19162== by 0x512151D: CryptoPP::Rijndael::Enc::AdvancedProcessBlocks(unsigned char const*, unsigned char const*, unsigned char*, unsigned int, unsigned int) const (in /usr/lib/libcrypto++.so.8.0.0) ==19162== by 0x50FC341: CryptoPP::CTR_ModePolicy::OperateKeystream(CryptoPP::KeystreamOperation, unsigned char*, unsigned char const*, unsigned int) (in /usr/lib/libcrypto++.so.8.0.0) ==19162== by 0x4E2405E: CryptoPP::CTR_ModePolicy::WriteKeystream(unsigned char*, unsigned int) (modes.h:151) ==19162== by 0x505648E: CryptoPP::AdditiveCipherTemplate<CryptoPP::AbstractPolicyHolder<CryptoPP::AdditiveCipherAbstractPolicy, CryptoPP::CTR_ModePolicy> >::ProcessData(unsigned char*, unsigned char const*, unsigned int) (in /usr/lib/libcrypto++.so.8.0.0) ==19162== by 0x4E23A5D: AES_process(AES*, _object*) (aesmodule.cpp:77) ==19162== by 0x80F92A8: call_function (ceval.c:3738) ==19162== by 0x80F4ACA: PyEval_EvalFrameEx (ceval.c:2412) ==19162== by 0x80F98F3: fast_function (ceval.c:3836) ==19162== by 0x80F964C: call_function (ceval.c:3771) ==19162== by 0x80F4ACA: PyEval_EvalFrameEx (ceval.c:2412) ==19162== by 0x80F7214: PyEval_EvalCodeEx (ceval.c:3000) ==19162== [19593 refs] ==19162== ==19162== HEAP SUMMARY: ==19162== in use at exit: 565,451 bytes in 5,895 blocks ==19162== total heap usage: 51,971 allocs, 46,076 frees, 5,439,309 bytes allocated ==19162== ==19162== LEAK SUMMARY: ==19162== definitely lost: 0 bytes in 0 blocks ==19162== indirectly lost: 0 bytes in 0 blocks ==19162== possibly lost: 544,863 bytes in 5,576 blocks ==19162== still reachable: 20,588 bytes in 319 blocks ==19162== suppressed: 0 bytes in 0 blocks ==19162== Rerun with --leak-check=full to see details of leaked memory ==19162== ==19162== For counts of detected and suppressed errors, rerun with: -v ==19162== Use --track-origins=yes to see where uninitialised values come from ==19162== ERROR SUMMARY: 2 errors from 1 contexts (suppressed: 50 from 11) }}} {{{ $ cat contrib/test.py import hmac import pycryptopp import hashlib import struct def encrypt(buf, passphrase, nonce): key = hashlib.sha256(passphrase + nonce).digest() cipher = pycryptopp.cipher.aes.AES(key) hmac_ = hmac.new(key, digestmod=hashlib.sha256) hmac_.update(buf) buf = cipher.process(buf) hash_ = cipher.process(hmac_.digest()) return b''.join( (struct.pack(b'<B', len(nonce)), nonce, hash_, buf)) encrypt('foobar', 'passphrase', 'nonce') }}} -- Ticket URL: <http://allmydata.org/trac/pycryptopp/ticket/67#comment:2> pycryptopp <http://allmydata.org/trac/pycryptopp> Python bindings for the Crypto++ library _______________________________________________ tahoe-dev mailing list tahoe-dev@tahoe-lafs.org http://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev