From: Nick Mathewson <nickm@torproject.org>
Date: Wed, 8 May 2013 16:59:08 +0000 (-0400)
Subject: Fix bug 8845: check the right length of memory in aes unit tests
X-Git-Tag: tor-0.2.5.1-alpha~197^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7d3fd858388ddd4916c604ed5ab3c8cfc72dfd1c;p=thirdparty%2Ftor.git

Fix bug 8845: check the right length of memory in aes unit tests

This couldn't actually be a buffer overrun unless AES somehow turned
into memcpy, but still it's good to fix it.
---

diff --git a/changes/bug8845 b/changes/bug8845
new file mode 100644
index 0000000000..ace043ab9b
--- /dev/null
+++ b/changes/bug8845
@@ -0,0 +1,3 @@
+  o Minor bugfixes (test):
+    - Fix an impossible buffer overrun in the AES unit tests. Fixes bug 8845;
+      bugfix on 0.2.0.7-alpha. Found by eugenis.
diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c
index fcaa0813e7..f92bfd673e 100644
--- a/src/test/test_crypto.c
+++ b/src/test/test_crypto.c
@@ -730,7 +730,7 @@ test_crypto_aes_iv(void *arg)
   /* Decrypt with the wrong key. */
   decrypted_size = crypto_cipher_decrypt_with_iv(key2, decrypted2, 4095,
                                              encrypted1, encrypted_size);
-  test_memneq(plain, decrypted2, encrypted_size);
+  test_memneq(plain, decrypted2, decrypted_size);
   /* Alter the initialization vector. */
   encrypted1[0] += 42;
   decrypted_size = crypto_cipher_decrypt_with_iv(key1, decrypted1, 4095,