pwhash never supported "in-place" operation - return EINVAL

2020-11-24 22:50:15 +01:00 · 2020-11-24 22:50:15 +01:00 · df83ed9235
commit df83ed9235
parent 96c65593bc
3 changed files with 12 additions and 0 deletions
--- a/src/libsodium/crypto_pwhash/argon2/pwhash_argon2i.c
+++ b/src/libsodium/crypto_pwhash/argon2/pwhash_argon2i.c
@ -163,6 +163,10 @@ crypto_pwhash_argon2i(unsigned char *const out, unsigned long long outlen,
        errno = EINVAL;
        return -1;
    }
+    if ((const void *) out == (const void *) passwd) {
+        errno = EINVAL;
+        return -1;
+    }
    switch (alg) {
    case crypto_pwhash_argon2i_ALG_ARGON2I13:
        if (argon2i_hash_raw((uint32_t) opslimit, (uint32_t) (memlimit / 1024U),
--- a/src/libsodium/crypto_pwhash/argon2/pwhash_argon2id.c
+++ b/src/libsodium/crypto_pwhash/argon2/pwhash_argon2id.c
@ -159,6 +159,10 @@ crypto_pwhash_argon2id(unsigned char *const out, unsigned long long outlen,
        errno = EINVAL;
        return -1;
    }
+    if ((const void *) out == (const void *) passwd) {
+        errno = EINVAL;
+        return -1;
+    }
    switch (alg) {
    case crypto_pwhash_argon2id_ALG_ARGON2ID13:
        if (argon2id_hash_raw((uint32_t) opslimit, (uint32_t) (memlimit / 1024U),
--- a/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c
+++ b/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c
@ -176,6 +176,10 @@ crypto_pwhash_scryptsalsa208sha256(unsigned char *const       out,
        errno = EINVAL; /* LCOV_EXCL_LINE */
        return -1;      /* LCOV_EXCL_LINE */
    }
+    if ((const void *) out == (const void *) passwd) {
+        errno = EINVAL;
+        return -1;
+    }
    return crypto_pwhash_scryptsalsa208sha256_ll(
        (const uint8_t *) passwd, (size_t) passwdlen, (const uint8_t *) salt,
        crypto_pwhash_scryptsalsa208sha256_SALTBYTES, (uint64_t)(1) << N_log2,