From f60f8cd9659ca29c76bfb659ec176e4209918459 Mon Sep 17 00:00:00 2001 From: JeremiahM37 Date: Thu, 7 May 2026 22:19:53 -0400 Subject: [PATCH] Clamp sakke_xor_in_v write to buffer length --- wolfcrypt/src/sakke.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/wolfcrypt/src/sakke.c b/wolfcrypt/src/sakke.c index f07f4cf4b2..52f8bc2084 100644 --- a/wolfcrypt/src/sakke.c +++ b/wolfcrypt/src/sakke.c @@ -6164,18 +6164,29 @@ static void sakke_xor_in_v(const byte* v, word32 hashSz, byte* out, word32 idx, { int o; word32 i; + word32 len; if (idx == 0) { i = hashSz - (n % hashSz); if (i == hashSz) { i = 0; } + len = hashSz - i; } else { i = 0; + /* Clamp to bytes still remaining in the caller's buffer. Without + * this clamp, the final iteration of sakke_hash_to_range (when + * n > hashSz and (n % hashSz) != 0) writes hashSz bytes at + * out+idx and overshoots the n-byte buffer by hashSz - (n%hashSz) + * bytes. */ + len = (n > idx) ? (n - idx) : 0; + if (len > hashSz) { + len = hashSz; + } } o = (int)i; - xorbuf(out + idx + i - o, v + i, hashSz - i); + xorbuf(out + idx + i - o, v + i, len); } /*