From d2afdf50799f02c77e34f7073b79c083a9762bfd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Kijewski?= Date: Tue, 25 Aug 2015 00:10:29 +0200 Subject: [PATCH] crypto: `memcpy()` in overlapping data in ccm `memcpy()` must not be used if the input and output ranges overlap, because it is undefined if the data if copied from front to the end or vice versa. Found via valgrind. --- sys/crypto/modes/ccm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/crypto/modes/ccm.c b/sys/crypto/modes/ccm.c index 8c0a909392..a9ccc9a408 100644 --- a/sys/crypto/modes/ccm.c +++ b/sys/crypto/modes/ccm.c @@ -40,7 +40,7 @@ int ccm_compute_cbc_mac(cipher_t* cipher, uint8_t iv[16], uint8_t offset, block_size, mac_enc[16] = {0}; block_size = cipher_get_block_size(cipher); - memcpy(mac, iv, 16); + memmove(mac, iv, 16); offset = 0; do { uint8_t block_size_input = (length - offset > block_size) ?