From: Dmitry Volyntsev Date: Wed, 13 Jun 2018 16:38:47 +0000 (+0300) Subject: Fixed heap-buffer-overflow in crypto.createHmac(). X-Git-Tag: 0.2.2~1 X-Git-Url: http://www.kaiwu.me/postgresql/commit/?a=commitdiff_plain;h=5a70985d1faea8365b88381fe13c000bd7b75166;p=njs.git Fixed heap-buffer-overflow in crypto.createHmac().
---
diff --git a/njs/njs_crypto.c b/njs/njs_crypto.c
index 0946fb22..de075708 100644
--- a/njs/njs_crypto.c
+++ b/njs/njs_crypto.c
@@ -417,7 +417,7 @@ njs_crypto_create_hmac(njs_vm_t *vm, njs_value_t *args, nxt_uint_t nargs,
 ctx->alg = alg;
- if (key.length > 64) {
+ if (key.length > sizeof(key_buf)) {
 alg->init(&ctx->u);
 alg->update(&ctx->u, key.start, key.length);
 alg->final(digest, &ctx->u);
@@ -426,7 +426,7 @@ njs_crypto_create_hmac(njs_vm_t *vm, njs_value_t *args, nxt_uint_t nargs,
 memset(key_buf + alg->size, 0, sizeof(key_buf) - alg->size);
 } else {
- memcpy(key_buf, key.start, sizeof(key_buf));
+ memcpy(key_buf, key.start, key.length);
 memset(key_buf + key.length, 0, sizeof(key_buf) - key.length);
 }
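Review bot: The new condition `key.length > sizeof(key_buf)` ties the "hash the key first" threshold to the buffer size, whereas HMAC defines that threshold as the hash's block size. The two agree only while `key_buf` is declared with exactly the block size of every supported algorithm, and that declaration is outside the hunk, so this cannot be confirmed here. I would document the coupling where `key_buf` is declared, for example `/* key_buf must be exactly the HMAC block size of every supported hash */`. Otherwise a later algorithm with a larger block would silently compute a wrong MAC. The body of njs_crypto_create_hmac starts and ends outside the hunk.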
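Review bot: The long-key path kept as context, `memset(key_buf + alg->size, 0, sizeof(key_buf) - alg->size);`, still relies on an unchecked invariant that `alg->size` never exceeds `sizeof(key_buf)`. Because `sizeof` yields `size_t`, a larger digest would presumably wrap the length to a huge value and overrun the buffer, which is the same class of bug this commit fixes. A guard or assertion on `alg->size <= sizeof(key_buf)` before the branch, or at the algorithm table, would make that explicit. The corrected short-key copy `memcpy(key_buf, key.start, key.length);` is bounded by the `else` condition; a one-line comment saying so would help. This patch touches only njs_crypto.c, so unless a test exists elsewhere, add a regression case with a key shorter than the buffer, run under a memory sanitizer.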