incorrect large buffer handling in md5.c/sha1.c/sha256.c/sha512.c

From: Serge Belyshev
Subject: incorrect large buffer handling in md5.c/sha1.c/sha256.c/sha512.c
Date: Fri, 18 May 2012 19:47:40 +0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/23.4 (gnu/linux)

This is a cross-post from the glibc bug report:

In short, the code below handles blocks larger than 8 GB incorrectly because
they require ctx->total[1] to be incremented by more than 1:

  /* First increment the byte count.  RFC 1321 specifies the possible
     length of the file up to 2^64 bits.  Here we only compute the
     number of bytes.  Do a double word increment.  */
  ctx->total[0] += len;
  if (ctx->total[0] < len)
    ++ctx->total[1];

Note that md5sum is not affected by this, as it calls
md5_process_block() with a small and fixed block size.

Testcase for the bug:

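The counter update discussed in the message above, modelled in isolation. This is an added illustration, not the testcase from the original post and not glibc or gnulib code. It assumes total[] is a pair of 32-bit words and that len is a 64-bit size_t (modelled here as uint64_t); struct ctr and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the hash context: only the byte counter. */
struct ctr { uint32_t total[2]; };

/* The update as quoted in the post; len models a 64-bit size_t. */
static void add_len_quoted(struct ctr *c, uint64_t len)
{
    c->total[0] += len;              /* keeps only the low 32 bits of the sum */
    if (c->total[0] < len)
        ++c->total[1];               /* at most one carry, however large len is */
}

/* Carry-correct variant: add the high word of len plus the low-word carry. */
static void add_len_full(struct ctr *c, uint64_t len)
{
    uint32_t lo = (uint32_t) len;
    c->total[0] += lo;
    c->total[1] += (uint32_t) (len >> 32) + (c->total[0] < lo);
}

static uint64_t bytes(const struct ctr *c)
{
    return ((uint64_t) c->total[1] << 32) | c->total[0];
}

/* Byte count recorded after one call with a chunk of len bytes. */
uint64_t count_quoted(uint64_t len)
{
    struct ctr c = { { 0, 0 } };
    add_len_quoted(&c, len);
    return bytes(&c);
}

uint64_t count_full(uint64_t len)
{
    struct ctr c = { { 0, 0 } };
    add_len_full(&c, len);
    return bytes(&c);
}

int main(void)
{
    uint64_t len = 9ULL << 30;       /* constructed input: one 9 GiB chunk */
    printf("quoted: %llu bytes recorded\n", (unsigned long long) count_quoted(len));
    printf("full:   %llu bytes recorded\n", (unsigned long long) count_full(len));
    return 0;
}
```

The recorded length feeds the final padding block, so a wrong count changes the digest even though every data block was processed.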