From 4fa4d6d22708231a51bdff93ef3220aa95b6fc80 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Sun, 31 Aug 2014 23:56:37 +0200 Subject: Windows vulnerability fix: correct possible BSOD attack targeted towards GetWipePassCount() / WipeBuffer() found by the Open Crypto Audit Project. --- src/Common/Wipe.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'src/Common/Wipe.c') diff --git a/src/Common/Wipe.c b/src/Common/Wipe.c index f06862e2..d2ee175b 100644 --- a/src/Common/Wipe.c +++ b/src/Common/Wipe.c @@ -157,12 +157,9 @@ int GetWipePassCount (WipeAlgorithmId algorithm) case TC_WIPE_256: return 256; - - default: - TC_THROW_FATAL_EXCEPTION; } - return 0; // Prevent compiler warnings + return -1; // Prevent compiler warnings } @@ -183,8 +180,14 @@ BOOL WipeBuffer (WipeAlgorithmId algorithm, byte randChars[TC_WIPE_RAND_CHAR_COU case TC_WIPE_35_GUTMANN: return Wipe35Gutmann (pass, buffer, size); + /* we will never reach here because all calls to WipeBuffer are preceeded + * by a call to GetWipePassCount that already checks the same algorithm + * parameters and in case of unsupported value an error is returned before + * calling WipeBuffer + */ + /* default: - TC_THROW_FATAL_EXCEPTION; + TC_THROW_FATAL_EXCEPTION;*/ } return FALSE; // Prevent compiler warnings -- cgit v1.2.3