mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-07-07 08:14:58 +03:00

Fix Vulnerability: CVE-2023-32275 TALOS-2023-1753

SoftEther VPN CtEnumCa () information disclosure vulnerability
https://www.softether.org/9-about/News/904-SEVPN202301
https://jvn.jp/en/jp/JVN64316789/
Daiyuu Nobori
2023-09-28 19:08:40 +09:00
committed by Davide Beatrici
parent 2dec52b875
commit f4bbe476be
3 changed files with 10 additions and 7 deletions


@ -712,7 +712,8 @@ UINT RsaPublicSize(K *k)
// Hash a pointer to a 32-bit
UINT HashPtrToUINT(void *p)
{
UCHAR hash_data[MD5_SIZE];
UCHAR hash_data[SHA256_SIZE];
UCHAR hash_src[CANARY_RAND_SIZE + sizeof(void *)];
UINT ret;
// Validate arguments
if (p == NULL)
@ -720,7 +721,11 @@ UINT HashPtrToUINT(void *p)
return 0;
}
Md5(hash_data, &p, sizeof(p));
Zero(hash_src, sizeof(hash_src));
Copy(hash_src + 0, GetCanaryRand(CANARY_RAND_ID_PTR_KEY_HASH), CANARY_RAND_SIZE);
Copy(hash_src + CANARY_RAND_SIZE, p, sizeof(void *));
Sha2_256(hash_data, hash_src, sizeof(hash_src));
Copy(&ret, hash_data, sizeof(ret));
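Review bot: The second `Copy` in the new HashPtrToUINT body passes `p` as its source, so it reads `sizeof(void *)` bytes from the object `p` points to, whereas the removed `Md5(hash_data, &p, sizeof(p))` hashed the pointer value itself. If the address is still the intended input, as the function name and the removed line suggest, the result now depends on the pointee's leading bytes: it can change when the object is modified, objects with identical leading bytes map to the same value, and a pointee smaller than `sizeof(void *)` is read past its end. I would write `Copy(hash_src + CANARY_RAND_SIZE, &p, sizeof(void *));` so the keyed SHA-256 covers the address. A comment above the hash would also help, for example `// Mix in a random key so the returned UINT does not reveal the raw pointer value`, assuming that is what `GetCanaryRand` supplies; its definition is not visible in this section. The function's return and closing brace lie outside the hunk.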