From f6f049256cdd7f97229433721928270822cb1c70 Mon Sep 17 00:00:00 2001
From: Zhi Guan
Date: Sun, 14 Jun 2026 15:36:02 +0800
Subject: [PATCH] Fix ZUC out-of-bounds read
---
 CMakeLists.txt | 2 +-
 include/gmssl/version.h | 2 +-
 include/gmssl/zuc.h | 5 +++--
 src/zuc.c | 11 ++++++++---
 4 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 23c122ce..aa8e19c5 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -777,7 +777,7 @@ endif()
 #
 set(CPACK_PACKAGE_NAME "GmSSL")
 set(CPACK_PACKAGE_VENDOR "GmSSL develop team")
-set(CPACK_PACKAGE_VERSION "3.2.0-dev.1039")
+set(CPACK_PACKAGE_VERSION "3.2.0-dev.1042")
 set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md)
 set(CPACK_NSIS_MODIFY_PATH ON)
 include(CPack)
diff --git a/include/gmssl/version.h b/include/gmssl/version.h
index af0a7fe2..9dbb2834 100644
--- a/include/gmssl/version.h
+++ b/include/gmssl/version.h
@@ -19,7 +19,7 @@ extern "C" {
 // Also update CPACK_PACKAGE_VERSION in CMakeLists.txt
 #define GMSSL_VERSION_NUM 30200
-#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1039"
+#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1042"
 int gmssl_version_num(void);
 const char *gmssl_version_str(void);
diff --git a/include/gmssl/zuc.h b/include/gmssl/zuc.h
index f743eb04..23d5bf45 100644
--- a/include/gmssl/zuc.h
+++ b/include/gmssl/zuc.h
@@ -92,9 +92,10 @@ typedef struct ZUC256_MAC_CTX_st {
 } ZUC256_MAC_CTX;
 void zuc256_mac_init(ZUC256_MAC_CTX *ctx, const uint8_t key[ZUC256_KEY_SIZE],
- const uint8_t iv[ZUC256_IV_SIZE], int macbits);
+ const uint8_t iv[ZUC256_IV_SIZE], int macbits); // macbits should be 32, 64, or 128
 void zuc256_mac_update(ZUC256_MAC_CTX *ctx, const uint8_t *data, size_t len);
-void zuc256_mac_finish(ZUC256_MAC_CTX *ctx, const uint8_t *data, size_t nbits, uint8_t mac[ZUC_MAC_SIZE]);
+void zuc256_mac_finish(ZUC256_MAC_CTX *ctx, const uint8_t *data, size_t nbits,
+ uint8_t *mac); // mac size should be 4, 8 or 16
 typedef struct {
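Review bot: The trailing comment `// mac size should be 4, 8 or 16` on the new `zuc256_mac_finish` prototype lists the possible sizes but not which one applies, and with the array bound `mac[ZUC_MAC_SIZE]` gone nothing in the signature conveys the required length any more. The size is presumably fixed by the `macbits` given to `zuc256_mac_init` (32/64/128 bits → 4/8/16 bytes), so the comment should state that contract: `/* mac must hold macbits/8 bytes (4, 8 or 16), per the macbits passed to zuc256_mac_init */`. The init comment would likewise be more useful as a contract: since the function returns void it cannot report a bad `macbits`, so say what happens to a value outside {32, 64, 128} — that behavior lives in zuc.c and is not visible in this hunk. These are comment-only changes; the prototypes themselves are fine.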
diff --git a/src/zuc.c b/src/zuc.c
index cb2188e0..da260a8c 100644
--- a/src/zuc.c
+++ b/src/zuc.c
@@ -325,11 +325,11 @@ void zuc_encrypt(ZUC_STATE *state, const uint8_t *in, size_t inlen, uint8_t *out
 }
 LFSR[15] = V;
- // xor with plaintext
- Z ^= GETU32(in);
-
 // output ciphertext
 if (inlen >= 4) {
+ // xor with plaintext
+ Z ^= GETU32(in);
+
 PUTU32(out, Z);
 inlen -= 4;
 in += 4;
@@ -338,6 +338,11 @@ void zuc_encrypt(ZUC_STATE *state, const uint8_t *in, size_t inlen, uint8_t *out
 uint8_t word[4];
 size_t i;
+ memcpy(word, in, inlen);
+
+ // xor with plaintext
+ Z ^= GETU32(word);
+
 PUTU32(word, Z);
 for (i = 0; i < inlen; i++) {
 out[i] = word[i];
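Review bot: `Z ^= GETU32(word)` in the second hunk reads all four bytes of `word`, but `memcpy(word, in, inlen)` fills only the first `inlen` of them and `word` is declared without an initializer, so on this tail path (the earlier hunk diverts `inlen >= 4` elsewhere; the `else` itself is outside the hunk) the upper bytes are indeterminate. The garbage only ends up in bytes the copy loop below never emits, so ciphertext output is unaffected, but it is still a read of uninitialized stack memory that MemorySanitizer and Valgrind will report and that C does not guarantee to be benign; add `memset(word, 0, sizeof word);` before the memcpy (or initialize the declaration with `= {0}`). `memcpy` needs `<string.h>`, which this file presumably already includes — worth confirming, as this hunk is its first use visible here. zuc_encrypt begins before and ends after both hunks.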