RFC Errata

Errata Search

Source of RFC  
Summary Table Full Records

RFC 1751, "A Convention for Human-Readable 128-bit Keys", December 1994

Source of RFC: Legacy
Area Assignment: sec
See Also: RFC 1751 w/ inline errata

Errata ID: 4617
Status: Verified
Type: Technical
Publication Format(s) : TEXT

Reported By: Yoav Nir
Date Reported: 2016-02-10
Verifier Name: Stephen Farrell
Date Verified: 2016-09-12

Section Appendix A says:

char *c, *engout;
        char cp[9];     /* add in room for the parity 2 bits*/

It should say:

char *c, *engout;
        char cp[10];     /* add in room for the parity 2 bits*/


This is an off-by-one error in the sample code in Appendix A.

Further down, we have this loop:
for(p = 0,i = 0; i < 64;i += 2)
p += extract(cp,i,2);

So i goes all the way to 62, and 9-byte cp is passed to extract()

In extract, we have this:
static unsigned long
extract(s, start, length)
char *s;
int start, length;
cr = s[start/8 +2];

If start is 62, then (start/8+2) is 9. s is the same 9-byte cp, and s[start/8 +2] is a one-byte overflow.

Report New Errata

Advanced Search