From 49e160a1658ba38be54b270182eb5a4b6f42b2f6 Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Sun, 8 Nov 2015 23:17:57 +0100
Subject: [PATCH] In blake2b_final() the leftover shouldn't exceed two blocks

---
 src/libsodium/crypto_generichash/blake2/ref/blake2b-ref.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/libsodium/crypto_generichash/blake2/ref/blake2b-ref.c b/src/libsodium/crypto_generichash/blake2/ref/blake2b-ref.c
index f2e87c09..19bb19a8 100644
--- a/src/libsodium/crypto_generichash/blake2/ref/blake2b-ref.c
+++ b/src/libsodium/crypto_generichash/blake2/ref/blake2b-ref.c
@@ -11,6 +11,7 @@
    this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
 */
 
+#include <assert.h>
 #include <stdint.h>
 #include <stdlib.h>
 #include <string.h>
@@ -319,7 +320,8 @@ int blake2b_final( blake2b_state *S, uint8_t *out, uint8_t outlen )
     blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES );
     blake2b_compress( S, S->buf );
     S->buflen -= BLAKE2B_BLOCKBYTES;
-    memmove( S->buf, S->buf + BLAKE2B_BLOCKBYTES, S->buflen );
+    assert( S->buflen <= BLAKE2B_BLOCKBYTES );
+    memcpy( S->buf, S->buf + BLAKE2B_BLOCKBYTES, S->buflen );
   }
 
   blake2b_increment_counter( S, S->buflen );