philippelh/bitchx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Don't seed arcfour with uninitialized stack values when urandom can't be

Browse Source 
opened, but fail instead. Fixes using uninitialized value warnings from
Coverity.


git-svn-id: svn://svn.code.sf.net/p/bitchx/code/trunk@263 13b04d17-f746-0410-82c6-800466cd88b0
This commit is contained in:
Tim Cava
2013-07-09 07:06:43 +00:00
parent e39eddbc04
commit ee35df3a41
1 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
dll/arcfour/arcfour.c
View File

@@ -70,11 +70,7 @@ static char *init_box(char *ukey, arckey *key)
close(fd); close(fd);
} }
else else
{ return NULL;
buf[(int)buf[69]] ^= getpid();
buf[(int)buf[226]] ^= getuid();
buf[(int)buf[119]] ^= getpid();
}
MD5Init(&md5context); MD5Init(&md5context);
MD5Update(&md5context, buf, sizeof(buf)); MD5Update(&md5context, buf, sizeof(buf));
@@ -196,7 +192,11 @@ static int start_dcc_crypt (int s, int type, unsigned long d_addr, int d_port)
memset(randkey, 0, sizeof(randkey)); memset(randkey, 0, sizeof(randkey));
memset(buf, 0, sizeof(buf)); memset(buf, 0, sizeof(buf));
tmpbox->outbox = (arckey *)new_malloc(sizeof(arckey)); tmpbox->outbox = (arckey *)new_malloc(sizeof(arckey));
init_box(randkey, tmpbox->outbox); if (init_box(randkey, tmpbox->outbox) == NULL)
{
new_free(&tmpbox->outbox);
return -1;
}
snprintf(buf, BIG_BUFFER_SIZE, "SecureDCC %s\r\n%n", randkey, &len); snprintf(buf, BIG_BUFFER_SIZE, "SecureDCC %s\r\n%n", randkey, &len);
write(s, buf, len); write(s, buf, len);
memset(buf, 0, sizeof(buf)); memset(buf, 0, sizeof(buf));