UXP-Fixed

KotJohansson/UXP-Fixed

Fork 0

mirror of https://github.com/ManchildProductions/UXP-Fixed.git synced 2026-06-11 20:29:08 +00:00

Commit Graph

Author	SHA1	Message	Date
wolfbeast	acbd84f574	Check for integer overflow in AesTask::DoCrypto() (DiD) After calling mResult.SetLength(mData.Length() + 16) we should check that the integer addition didn't overflow. It seems at the moment impossible to create ArrayBuffers of size >= 0x0xfffffff0, however adding a check here doesn't hurt. mResult.Length() is passed to the PK11 API functions as a maxOut parameter and should be checked by the softoken crypto algorithm implementations. AES-ECB and AES-GCM seem to do that correctly.	2018-02-08 12:53:40 +01:00
Matt A. Tobin	5f8de423f1	Add m-esr52 at 52.6.0	2018-02-02 04:16:08 -05:00

Author

SHA1

Message

Date

wolfbeast

acbd84f574

Check for integer overflow in AesTask::DoCrypto() (DiD)

After calling mResult.SetLength(mData.Length() + 16) we should check
that the integer addition didn't overflow. It seems at the moment
impossible to create ArrayBuffers of size >= 0x0xfffffff0, however
adding a check here doesn't hurt.

mResult.Length() is passed to the PK11 API functions as a
maxOut parameter and should be checked by the
softoken crypto algorithm implementations.
AES-ECB and AES-GCM seem to do that correctly.

2018-02-08 12:53:40 +01:00

Matt A. Tobin

5f8de423f1

Add m-esr52 at 52.6.0

2018-02-02 04:16:08 -05:00

2 Commits