[FFmpeg-devel] [PATCH] aes: AVAES.round_key should have space for 16 4x4 arrays, not 15
Andy Parkins
andyparkins
Wed Jul 18 10:01:37 CEST 2007
When key_bits == 256, then rounds == (256>>5 + 6) == 14. In
av_aes_init(), then, the key expansion loop runs from zero to 224 in 32
byte steps.
AVAES.round_key is filled in by this line:
memcpy(a->round_key[0][0]+t, tk, KC*4);
KC*4 is 32; so this line is copying bytes into the following array
indices:
round_key[14][0][0] to round_key[15][3][3]
But the declaration for round_key is
round_key[15][4][4];
Remember, the declaration is the number of elements, but the accesses
are zero based, which makes the last index of this variable,
round_key[14][3][3]. i.e. This block is 16 byets short of what it needs
to be.
This patch changes the round_key declaration to
round_key[16][4][4];
Preventing the overflow.
---
libavutil/aes.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
--
Dr Andy Parkins, M Eng (hons), MIET
andyparkins at gmail.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 28b5249dc456b4463cb1b92524c04b62e132abfd.diff
Type: text/x-patch
Size: 305 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20070718/2624f1eb/attachment.bin>
More information about the ffmpeg-devel
mailing list