This repository was archived by the owner on Apr 21, 2019. It is now read-only.
This repository was archived by the owner on Apr 21, 2019. It is now read-only.
_pyecc.c: py_decrypt clobbers its input #5
Description
Apparently ecc_decrypt clobbers its input (the cipher text to be decrypted). Here is a patch:
--- _pyecc.c~
+++ _pyecc.c
@@ -103,15 +103,16 @@
ECC_State PyCObject \
\n\
";
static PyObject *py_decrypt(PyObject *self, PyObject *args, PyObject *kwargs)
{
- PyObject *temp_state, *temp_keypair;
+ PyObject *temp_state, *temp_keypair, *retval;
ECC_State state;
ECC_KeyPair keypair;
ECC_Data encrypted;
char *data;
+ char *dcopy;
int datalen;
if (!PyArg_ParseTuple(args, "s#OO", &data, &datalen, &temp_keypair,
&temp_state)) {
return NULL;
@@ -118,20 +119,28 @@
}
state = (ECC_State)(PyCObject_AsVoidPtr(temp_state));
keypair = (ECC_KeyPair)(PyCObject_AsVoidPtr(temp_keypair));
+ if (!(dcopy = (char *)malloc(datalen))) { /* Make a copy of the encrypted input because ecc_decrypt is going to stomp on it */
+ Py_RETURN_NONE;
+ }
+
+ memcpy(dcopy, data, datalen);
+
encrypted = ecc_new_data();
- encrypted->data = data;
+ encrypted->data = dcopy; /* Use the copy */
encrypted->datalen = datalen;
ECC_Data result = ecc_decrypt(encrypted, keypair, state);
if ( (result == NULL) || (result->data == NULL) )
Py_RETURN_NONE;
- return PyString_FromStringAndSize((char *)(result->data), result->datalen);
+ retval = (PyObject *) PyString_FromStringAndSize((char *)(result->data), result->datalen);
+ free(dcopy);
+ return retval;
}
static char new_keypair_doc[] = "\
Return a new ECC_KeyPair object that will contain the appropriate \
references to the public and private keys in memory\n\