aboutsummaryrefslogtreecommitdiff
path: root/javascript/olm_post.js
diff options
context:
space:
mode:
authorRichard van der Hoff <richard@matrix.org>2016-12-16 14:42:41 +0000
committerRichard van der Hoff <richard@matrix.org>2016-12-16 14:42:41 +0000
commit8e554ab5ef5a17c7eb271000217e036be07d88db (patch)
treee53c21d74558b47c7c20238d75d814273b399a82 /javascript/olm_post.js
parent7fd63bcac7110abd5a1eef927abc3184da68a35c (diff)
Avoid buffer overrun on encryption
Make sure we null-terminate encrypted strings before passing them to UTF8ToString. This used to work when we allocated the buffer on the stack, because it turns out that allocate() zeroinits the returned memory. malloc(), of course, does not.
Diffstat (limited to 'javascript/olm_post.js')
-rw-r--r--javascript/olm_post.js8
1 files changed, 8 insertions, 0 deletions
diff --git a/javascript/olm_post.js b/javascript/olm_post.js
index 3e80c0b..65eab02 100644
--- a/javascript/olm_post.js
+++ b/javascript/olm_post.js
@@ -335,6 +335,14 @@ Session.prototype['encrypt'] = restore_stack(function(
random, random_length,
message_buffer, message_length
);
+
+ // UTF8ToString requires a null-terminated argument, so add the
+ // null terminator.
+ Module['setValue'](
+ message_buffer+message_length,
+ 0, "i8"
+ );
+
return {
"type": message_type,
"body": Module['UTF8ToString'](message_buffer),