From 7f6400ed1939d99544c7340ea9db69ff9bb9d104 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sun, 13 Nov 2011 21:36:23 +0200 Subject: [PATCH] Make sha256_process() easier for static analyzers md->curlen cannot indicate full buffer size here since the buffered data is processed whenever the full block size of data is available. Avoid invalid warnings from static analyzers on memcpy() outside the buffer length by verifying that curlen is smaller than block size. Signed-hostap: Jouni Malinen --- src/crypto/sha256-internal.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/crypto/sha256-internal.c b/src/crypto/sha256-internal.c index 01a800742..aeaa0a106 100644 --- a/src/crypto/sha256-internal.c +++ b/src/crypto/sha256-internal.c @@ -164,7 +164,7 @@ static int sha256_process(struct sha256_state *md, const unsigned char *in, unsigned long n; #define block_size 64 - if (md->curlen > sizeof(md->buf)) + if (md->curlen >= sizeof(md->buf)) return -1; while (inlen > 0) {