Uploaded image for project: 'Parquet'
  1. Parquet
  2. PARQUET-1997

[C++] AesEncryptor and AesDecryptor primitives are unsafe

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • parquet-cpp
    • None

    Description

      AesEncryptor::Encrypt, AesDecryptor::Decrypt take a pointer to the output buffer but without the output buffer length. The caller is required to guess the expected output length. The functions also return the written output length, but at this point it's too late: data may have been written out of bounds.

      Attachments

        Activity

          People

            Unassigned Unassigned
            apitrou Antoine Pitrou
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated: