Details
- Bug
- Status: Open
- Major
- Resolution: Unresolved
Description
AesEncryptor::Encrypt, AesDecryptor::Decrypt take a pointer to the output buffer but without the output buffer length. The caller is required to guess the expected output length. The functions also return the written output length, but at this point it's too late: data may have been written out of bounds.
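
The API shape described in the report, next to a length-checked variant, as an added example that is not the project's code. The function names, the 12-byte nonce and 16-byte tag framing, and the XOR stand-in for the cipher are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

// Assumed framing for illustration only: nonce + payload + tag.
constexpr std::size_t kNonceLen = 12, kTagLen = 16;

// Published size formula, so callers never have to guess.
constexpr std::size_t CiphertextSize(std::size_t plaintext_len) {
  return kNonceLen + plaintext_len + kTagLen;
}

// Stand-in for the cipher (XOR placeholder, NOT real encryption).
static void Transform(const uint8_t* in, std::size_t n, uint8_t* out) {
  for (std::size_t i = 0; i < n; ++i) out[i] = in[i] ^ 0x5A;
}

// Shape described in the report: no output length, so an undersized
// buffer is overrun before the return value can tell the caller anything.
std::size_t EncryptUnchecked(const uint8_t* in, std::size_t in_len, uint8_t* out) {
  std::memset(out, 0, kNonceLen);
  Transform(in, in_len, out + kNonceLen);
  std::memset(out + kNonceLen + in_len, 0xAA, kTagLen);
  return CiphertextSize(in_len);
}

// Checked shape: the capacity is part of the contract and is validated
// before the first write. On failure nothing is written and *written == 0.
bool EncryptChecked(const uint8_t* in, std::size_t in_len,
                    uint8_t* out, std::size_t out_len, std::size_t* written) {
  *written = 0;
  if (in_len > SIZE_MAX - kNonceLen - kTagLen) return false;  // size overflow
  if (out == nullptr || out_len < CiphertextSize(in_len)) return false;
  *written = EncryptUnchecked(in, in_len, out);  // safe: capacity verified
  return true;
}

// Constructed check: 64-byte arena filled with 0xEE, caller declares `cap`
// usable bytes. Returns bytes written, or -1 if anything past `cap` changed.
long RunWithCapacity(std::size_t cap) {
  std::vector<uint8_t> arena(64, 0xEE);
  const uint8_t msg[10] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10};
  std::size_t written = 0;
  EncryptChecked(msg, sizeof msg, arena.data(), cap, &written);
  for (std::size_t i = cap; i < arena.size(); ++i)
    if (arena[i] != 0xEE) return -1;
  return static_cast<long>(written);
}
```

`EncryptUnchecked` is only ever reached through `EncryptChecked` here; calling it directly with a 20-byte buffer for this 10-byte message would write 38 bytes.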