From ae8f547585a67fba1c052d8e9e0b5f8d50e12f8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Peer=20Springst=C3=BCbe?= Date: Thu, 12 Sep 2019 18:03:08 +0200 Subject: [PATCH] Fix of by one error on encryption of multiples of 16 Function `lw_encrypt` overruns data sizes which are a multiple of the key length (and thus encrypts whatever comes next in memory. This fix takes care of the edge case. --- lw/lw.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lw/lw.c b/lw/lw.c index b3a6ca8..d0f6fcd 100644 --- a/lw/lw.c +++ b/lw/lw.c @@ -1596,7 +1596,10 @@ int lw_encrypt(uint8_t *out, lw_key_t *key) uint8_t A[LW_KEY_LEN]; uint16_t const over_hang_bytes = key->len%LW_KEY_LEN; - int blocks = key->len/LW_KEY_LEN + 1; + int blocks = key->len/LW_KEY_LEN; + if (over_hang_bytes) { + ++blocks; + } memset(A, 0, LW_KEY_LEN);