[pycrypto] Buffer overflow in ARC2.new() with len(key) > 128 bytes

Dwayne C. Litzenberger dlitz at dlitz.net
Fri Feb 6 18:39:14 CST 2009

Mike Wiacek from the Google Security Team pointed out a buffer overflow in 
PyCrypto's ARC2 cipher module, which occurs when attempting to initialize 
ARC2 with a key longer than 128 bytes.

The test case is at: http://gitweb2.dlitz.net/?p=crypto/pycrypto-2.x.git;a=commitdiff;h=fd73731dfad451a81056fbb01e09aa78ab82eb5d

The fix is at: http://gitweb2.dlitz.net/?p=crypto/pycrypto-2.x.git;a=commitdiff;h=d1c4875e1f220652fe7ff8358f56dee3b2aba31b

Thanks, Mike!

Dwayne C. Litzenberger <dlitz at dlitz.net>
  Key-signing key   - 19E1 1FE8 B3CF F273 ED17  4A24 928C EC13 39C2 5CF7
  Annual key (2008) - 4B2A FD82 FC7D 9E38 38D9  179F 1C11 B877 E780 4B45

More information about the pycrypto mailing list