Merge #455

455: Do not call Vec::set_len before the data is initialised r=kpp a=adamreichold While this should not be exploitable as `u8` is `Copy` and hence is not dropped, it seems prudent to only change the length of a `Vec` after the data has been initialised via an FFI call (as is already done in the other places that use `Vec::set_len`). Co-authored-by: Adam Reichold <[email protected]>
sodiumoxide · Jan 10, 2021 · 9f6a18d · 9f6a18d
2 parents dc1d2a8 + a440d01
commit 9f6a18d
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 20 deletions.
diff --git a/src/crypto/box_/curve25519xsalsa20poly1305.rs b/src/crypto/box_/curve25519xsalsa20poly1305.rs
@@ -246,14 +246,14 @@ pub fn seal_precomputed(m: &[u8], n: &Nonce, k: &PrecomputedKey) -> Vec<u8> {
     let clen = m.len() + MACBYTES;
     let mut c = Vec::with_capacity(clen);
     unsafe {
-        c.set_len(clen);
         ffi::crypto_box_easy_afternm(
             c.as_mut_ptr(),
             m.as_ptr(),
             m.len() as u64,
             n.0.as_ptr(),
             k.0.as_ptr(),
         );
+        c.set_len(clen);
     }
     c
 }
@@ -285,20 +285,20 @@ pub fn open_precomputed(c: &[u8], n: &Nonce, k: &PrecomputedKey) -> Result<Vec<u
     }
     let mlen = c.len() - MACBYTES;
     let mut m = Vec::with_capacity(mlen);
-    let ret = unsafe {
-        m.set_len(mlen);
-        ffi::crypto_box_open_easy_afternm(
+    unsafe {
+        let ret = ffi::crypto_box_open_easy_afternm(
             m.as_mut_ptr(),
             c.as_ptr(),
             c.len() as u64,
             n.0.as_ptr(),
             k.0.as_ptr(),
-        )
-    };
-    if ret == 0 {
-        Ok(m)
-    } else {
-        Err(())
+        );
+        if ret == 0 {
+            m.set_len(mlen);
+            Ok(m)
+        } else {
+            Err(())
+        }
     }
 }
 

diff --git a/src/crypto/secretbox/xsalsa20poly1305.rs b/src/crypto/secretbox/xsalsa20poly1305.rs
@@ -68,14 +68,14 @@ pub fn seal(m: &[u8], n: &Nonce, k: &Key) -> Vec<u8> {
     let clen = m.len() + MACBYTES;
     let mut c = Vec::with_capacity(clen);
     unsafe {
-        c.set_len(clen);
         ffi::crypto_secretbox_easy(
             c.as_mut_ptr(),
             m.as_ptr(),
             m.len() as u64,
             n.0.as_ptr(),
             k.0.as_ptr(),
         );
+        c.set_len(clen);
     }
     c
 }
@@ -107,20 +107,20 @@ pub fn open(c: &[u8], n: &Nonce, k: &Key) -> Result<Vec<u8>, ()> {
     }
     let mlen = c.len() - MACBYTES;
     let mut m = Vec::with_capacity(mlen);
-    let ret = unsafe {
-        m.set_len(mlen);
-        ffi::crypto_secretbox_open_easy(
+    unsafe {
+        let ret = ffi::crypto_secretbox_open_easy(
             m.as_mut_ptr(),
             c.as_ptr(),
             c.len() as u64,
             n.0.as_ptr(),
             k.0.as_ptr(),
-        )
-    };
-    if ret == 0 {
-        Ok(m)
-    } else {
-        Err(())
+        );
+        if ret == 0 {
+            m.set_len(mlen);
+            Ok(m)
+        } else {
+            Err(())
+        }
     }
 }