projects / u / mdw / putty / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f67b4e8)
Fix potential security problems in random number generator
authorsimon <simon@cda61777-01e9-0310-a592-d414129be87e>
Mon, 2 Aug 1999 08:35:11 +0000 (08:35 +0000)
committersimon <simon@cda61777-01e9-0310-a592-d414129be87e>
Mon, 2 Aug 1999 08:35:11 +0000 (08:35 +0000)
git-svn-id: svn://svn.tartarus.org/sgt/putty@190 cda61777-01e9-0310-a592-d414129be87e

sshrand.c patch | blob | blame | history

diff --git a/sshrand.c b/sshrand.c
index 17ef6e3..b3bd08b 100644 (file)
--- a/sshrand.c
+++ b/sshrand.c
@@ -52,8 +52,8 @@ void random_add_noise(void *noise, int length) {
        pool.incomingpos = 0;
     }
 
-    memcpy(pool.incomingb, p, length);
-    pool.incomingpos = length;
+    memcpy(pool.incomingb + pool_incomingpos, p, length);
+    pool.incomingpos += length;
 }
 
 void random_stir(void) {
@@ -121,7 +121,7 @@ void random_stir(void) {
      * there'll be some extra bizarreness there.
      */
     SHATransform(digest, block);
-    memcpy(digest, pool.incoming, sizeof(digest));
+    memcpy(pool.incoming, digest, sizeof(digest));
 
     pool.poolpos = sizeof(pool.incoming);
 }
@@ -137,8 +137,8 @@ static void random_add_heavynoise(void *noise, int length) {
        pool.poolpos = 0;
     }
 
-    memcpy(pool.pool, p, length);
-    pool.poolpos = length;
+    memcpy(pool.pool + pool.poolpos, p, length);
+    pool.poolpos += length;
 }
 
 void random_init(void) {
Local modifications for Simon Tatham's `PuTTY' SSH client and terminal emulator