From 0ca7afcb872d154031653e22cefe040e7e97331b Mon Sep 17 00:00:00 2001
From: Mikael Bung <mkbung@gmail.com>
Date: Sat, 20 Feb 2016 15:29:31 +0100
Subject: [PATCH] [SECURITY] Fix a buffer overflow in SHA384

Caused by a difference in the size of the digest
byte array allocated on Haskell side and the
amount of bytes copied to it on the C side.

In cbits/cryptonite_sha512.c:cryptonite_sha384_finalize
SHA384_DIGEST_SIZE bytes is copied into the out buffer.
SHA384_DIGEST_SIZE is #defined as 64 in cbits/cryptonite_sha512.h
while the buffer given will have size 48, as defined in
Crypto/Hash/SHA384.hs.

Defining SHA384_DIGEST_SIZE as 48 fixes the issue.
---
 cbits/cryptonite_sha512.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cbits/cryptonite_sha512.h b/cbits/cryptonite_sha512.h
index 85801fe..0686162 100644
--- a/cbits/cryptonite_sha512.h
+++ b/cbits/cryptonite_sha512.h
@@ -35,7 +35,7 @@ struct sha512_ctx
 
 #define sha384_ctx sha512_ctx
 
-#define SHA384_DIGEST_SIZE	64
+#define SHA384_DIGEST_SIZE	48
 #define SHA384_CTX_SIZE		sizeof(struct sha384_ctx)
 
 #define SHA512_DIGEST_SIZE	64