|
blake2s_compress( S, S->buf ); // Compress |
|
#else |
|
blake2s_compress( S, S->buf ); // Compress |
|
#endif |
|
|
|
memcpy( S->buf, S->buf + BLAKE2S_BLOCKBYTES, BLAKE2S_BLOCKBYTES ); // Shift buffer left |
|
S->buflen -= BLAKE2S_BLOCKBYTES; |
|
in += fill; |
|
inlen -= fill; |
|
} |
|
else // inlen <= fill |
Filename: blake2s.cpp
Line: 149
CWE: 121 (Stack-based Buffer Overflow)
This call to memcpy() contains a potential buffer overflow. The specified size of 64 bytes is larger than the space allocated to the destination buffer ((tainted) bytes). If an attacker can control the data written into the buffer, the overflow may result in execution of arbitrary code. Ensure that the specified size is within the bounds of the allocated space. References: CWE OWASP Veracode/nDon't know how to fix this? Don't know why this was reported?
Get Assistance from Veracode
Sumatrapdf-cpp//ext/unrar/blake2s.cpp
Lines 144 to 154 in feca3c8
Filename: blake2s.cpp
Line: 149
CWE: 121 (Stack-based Buffer Overflow)
This call to memcpy() contains a potential buffer overflow. The specified size of 64 bytes is larger than the space allocated to the destination buffer ((tainted) bytes). If an attacker can control the data written into the buffer, the overflow may result in execution of arbitrary code. Ensure that the specified size is within the bounds of the allocated space. References: CWE OWASP Veracode/nDon't know how to fix this? Don't know why this was reported?
Get Assistance from Veracode