CMAC + SERPENT/IDEA/RC2 buffer overflow/crash with oversized key

Andreas Metzler ametzler at
Fri Apr 2 18:00:02 CEST 2021

On 2021-03-31 Guido Vranken via Gcrypt-devel <gcrypt-devel at> wrote:
> In the program below, each of three calls to cmac() causes a different
> crash (use AddressSanitizer to be sure). I think the correct approach is to
> make gcry_mac_setkey() return an error code if the key has an inappropriate
> size.

Is this exploitable?

cu Andreas
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

More information about the Gcrypt-devel mailing list