From 4c3431c42271c25d676afc9be6b449390cc67152 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Sun, 14 Sep 2025 16:47:37 +0000
Subject: mlkem_public_to_private: fix overread/information leak After the guts of MLKEM_public_key were changed from a union to a struct, the aligner grew the struct, leaking as many bytes of private key data as the struct grew (on normal platforms that would be 2). Ideally this would all be a bit more robust. CID 621603 621604 ok jsing kenjiro
---
 src/lib/libcrypto/mlkem/mlkem_internal.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
(limited to 'src/lib')
diff --git a/src/lib/libcrypto/mlkem/mlkem_internal.c b/src/lib/libcrypto/mlkem/mlkem_internal.c
index 653b2f332d..19dd22e036 100644
--- a/src/lib/libcrypto/mlkem/mlkem_internal.c
+++ b/src/lib/libcrypto/mlkem/mlkem_internal.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mlkem_internal.c,v 1.1 2025/09/05 23:30:12 beck Exp $ */
+/* $OpenBSD: mlkem_internal.c,v 1.2 2025/09/14 16:47:37 tb Exp $ */
 /*
 * Copyright (c) 2024, Google Inc.
 * Copyright (c) 2024, 2025 Bob Beck
@@ -990,12 +990,12 @@ mlkem_public_from_private(const MLKEM_private_key *private_key,
 case RANK768:
 memcpy(out_public_key->key_768->bytes,
 private_key->key_768->bytes,
- sizeof(struct MLKEM768_public_key));
+ sizeof(out_public_key->key_768->bytes));
 break;
 case RANK1024:
 memcpy(out_public_key->key_1024->bytes,
 private_key->key_1024->bytes,
- sizeof(struct MLKEM1024_public_key));
+ sizeof(out_public_key->key_1024->bytes));
 break;
 }
 }
--
cgit v1.2.3-55-g6feb
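Review bot: Both memcpy() calls in the second hunk now take their length from the destination array only, and nothing visible checks that `private_key->key_768->bytes` (or the `key_1024` one) is at least that large, or that the public part really sits at the start of the private key bytes. The previous length went wrong silently when the struct layout changed, which per the commit message is how private key bytes ended up in the public key object, so I would pin the assumption at build time near the top of the function, e.g. `_Static_assert(sizeof(out_public_key->key_768->bytes) <= sizeof(private_key->key_768->bytes), "public key must fit in private key prefix");` plus the RANK1024 equivalent. A short comment above the switch such as `/* The public key is a prefix of the private key bytes; copy exactly the public part. */` would also record why a raw byte copy is valid; that layout is inferred from the copy itself, so please confirm it against the struct definitions. The function body and the struct declarations start outside this hunk.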