Commit 8e554ab5 authored by Richard van der Hoff's avatar Richard van der Hoff
Browse files

Avoid buffer overrun on encryption

Make sure we null-terminate encrypted strings before passing them to
UTF8ToString.

This used to work when we allocated the buffer on the stack, because it turns
out that allocate() zeroinits the returned memory. malloc(), of course, does
not.
parent 7fd63bca
......@@ -83,6 +83,14 @@ OutboundGroupSession.prototype['encrypt'] = function(plaintext) {
plaintext_buffer, plaintext_length,
message_buffer, message_length
);
// UTF8ToString requires a null-terminated argument, so add the
// null terminator.
Module['setValue'](
message_buffer+message_length,
0, "i8"
);
return Module['UTF8ToString'](message_buffer);
} finally {
if (plaintext_buffer !== undefined) {
......
......@@ -335,6 +335,14 @@ Session.prototype['encrypt'] = restore_stack(function(
random, random_length,
message_buffer, message_length
);
// UTF8ToString requires a null-terminated argument, so add the
// null terminator.
Module['setValue'](
message_buffer+message_length,
0, "i8"
);
return {
"type": message_type,
"body": Module['UTF8ToString'](message_buffer),
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment