diff options
| -rw-r--r-- | .gitignore | 2 | ||||
| -rw-r--r-- | example/ndpiReader.c | 19 | ||||
| -rw-r--r-- | example/reader_util.c | 38 | ||||
| -rw-r--r-- | example/reader_util.h | 3 | ||||
| -rw-r--r-- | fuzz/Makefile.am | 36 | ||||
| -rw-r--r-- | fuzz/fuzz_ds_domain_classify.cpp | 4 | ||||
| -rw-r--r-- | fuzz/fuzz_gcrypt_aes.cpp | 62 | ||||
| -rw-r--r-- | fuzz/fuzz_gcrypt_gcm.cpp | 101 | ||||
| -rw-r--r-- | fuzz/fuzz_readerutils_workflow.cpp | 16 | ||||
| -rw-r--r-- | src/lib/ndpi_main.c | 4 | ||||
| -rw-r--r-- | src/lib/third_party/src/gcrypt/gcm.c | 2 |
11 files changed, 245 insertions, 42 deletions
diff --git a/.gitignore b/.gitignore index 732142831..26c887e79 100644 --- a/.gitignore +++ b/.gitignore @@ -78,6 +78,8 @@ /fuzz/fuzz_dga /fuzz/fuzz_ds_cmsketch /fuzz/fuzz_gcrypt_light +/fuzz/fuzz_gcrypt_aes +/fuzz/fuzz_gcrypt_gcm /fuzz/fuzz_ndpi_reader_payload_analyzer /fuzz/fuzz_filecfg_protocols /fuzz/fuzz_readerutils_workflow diff --git a/example/ndpiReader.c b/example/ndpiReader.c index 2a7c3b232..3601978c0 100644 --- a/example/ndpiReader.c +++ b/example/ndpiReader.c @@ -31,6 +31,7 @@ #include <stdio.h> #include <stdlib.h> #include <getopt.h> +#include <float.h> /* FLT_EPSILON */ #ifdef WIN32 #include <winsock2.h> /* winsock.h is included automatically */ #include <windows.h> @@ -407,6 +408,22 @@ static void ndpiCheckIPMatch(char *testChar) { /********************** FUNCTIONS ********************* */ +static double ndpi_flow_get_byte_count_entropy(const uint32_t byte_count[256], + unsigned int num_bytes) +{ + int i; + double sum = 0.0; + + for(i=0; i<256; i++) { + double tmp = (double) byte_count[i] / (double) num_bytes; + + if(tmp > FLT_EPSILON) { + sum -= tmp * logf(tmp); + } + } + return(sum / log(2.0)); +} + /** * @brief Set main components necessary to the detection */ @@ -433,6 +450,8 @@ flowGetBDMeanandVariance(struct ndpi_flow_info* flow) { * Sum up the byte_count array for outbound and inbound flows, * if this flow is bidirectional */ + /* TODO: we could probably use ndpi_data_* generic functions to simplify the code and + to get rid of `ndpi_flow_get_byte_count_entropy()` */ if (!flow->bidirectional) { array = last_entropy->src2dst_byte_count; num_bytes = last_entropy->src2dst_l4_bytes; diff --git a/example/reader_util.c b/example/reader_util.c index 86c45b351..566c64607 100644 --- a/example/reader_util.c +++ b/example/reader_util.c @@ -220,10 +220,7 @@ void ndpi_payload_analyzer(struct ndpi_flow_info *flow, for(j=min_pattern_len; j <= max_pattern_len; j++) { if((i+j) < payload_len) { if(ndpi_analyze_payload(flow, src_to_dst_direction, &payload[i], j, packet_id) == -1) { -#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION - /* Avoid too much logging while fuzzing */ LOG(NDPI_LOG_ERROR, "Error ndpi_analyze_payload (allocation failure)\n"); -#endif } } } @@ -462,8 +459,11 @@ struct ndpi_workflow* ndpi_workflow_init(const struct ndpi_workflow_prefs * pref static NDPI_PROTOCOL_BITMASK debug_bitmask; static int _debug_protocols_ok = 0; + /* On some fuzzers we don't want to use these memory allocators, but some custom ones */ +#ifndef DISABLE_CUSTOM_ALLOCATOR_ON_READERUTILS set_ndpi_malloc(ndpi_malloc_wrapper), set_ndpi_free(free_wrapper); set_ndpi_flow_malloc(NULL), set_ndpi_flow_free(NULL); +#endif /* TODO: just needed here to init ndpi ndpi_malloc wrapper */ module = ndpi_init_detection_module(init_prefs); @@ -500,8 +500,14 @@ struct ndpi_workflow* ndpi_workflow_init(const struct ndpi_workflow_prefs * pref if(_debug_protocols_ok) ndpi_set_debug_bitmask(module, debug_bitmask); - if(do_init_flows_root) + if(do_init_flows_root) { workflow->ndpi_flows_root = ndpi_calloc(workflow->prefs.num_roots, sizeof(void *)); + if(!workflow->ndpi_flows_root) { + ndpi_exit_detection_module(module); + ndpi_free(workflow); + return NULL; + } + } workflow->ndpi_serialization_format = serialization_format; @@ -742,24 +748,6 @@ ndpi_flow_update_byte_dist_mean_var(ndpi_flow_info_t *flow, const void *x, /* ***************************************************** */ -double ndpi_flow_get_byte_count_entropy(const uint32_t byte_count[256], - unsigned int num_bytes) -{ - int i; - double sum = 0.0; - - for(i=0; i<256; i++) { - double tmp = (double) byte_count[i] / (double) num_bytes; - - if(tmp > FLT_EPSILON) { - sum -= tmp * logf(tmp); - } - } - return(sum / log(2.0)); -} - -/* ***************************************************** */ - static struct ndpi_flow_info *get_ndpi_flow_info(struct ndpi_workflow * workflow, const u_int8_t version, u_int16_t vlan_id, @@ -908,10 +896,7 @@ static struct ndpi_flow_info *get_ndpi_flow_info(struct ndpi_workflow * workflow struct ndpi_flow_info *newflow = (struct ndpi_flow_info*)ndpi_malloc(sizeof(struct ndpi_flow_info)); if(newflow == NULL) { -#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION - /* Avoid too much logging while fuzzing */ LOG(NDPI_LOG_ERROR, "[NDPI] %s(1): not enough memory\n", __FUNCTION__); -#endif return(NULL); } else workflow->num_allocated_flows++; @@ -952,10 +937,7 @@ static struct ndpi_flow_info *get_ndpi_flow_info(struct ndpi_workflow * workflow } if((newflow->ndpi_flow = ndpi_flow_malloc(SIZEOF_FLOW_STRUCT)) == NULL) { -#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION - /* Avoid too much logging while fuzzing */ LOG(NDPI_LOG_ERROR, "[NDPI] %s(2): not enough memory\n", __FUNCTION__); -#endif ndpi_flow_info_free_data(newflow); ndpi_free(newflow); return(NULL); diff --git a/example/reader_util.h b/example/reader_util.h index 6466d9d90..f152c2ecd 100644 --- a/example/reader_util.h +++ b/example/reader_util.h @@ -414,12 +414,11 @@ void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_fl void ndpi_flow_info_free_data(struct ndpi_flow_info *flow); void ndpi_flow_info_freer(void *node); const char* print_cipher_id(u_int32_t cipher); -double ndpi_flow_get_byte_count_entropy(const uint32_t byte_count[256], unsigned int num_bytes); int parse_proto_name_list(char *str, NDPI_PROTOCOL_BITMASK *bitmask, int inverted_logic); extern int nDPI_LogLevel; -#ifdef NDPI_ENABLE_DEBUG_MESSAGES +#if defined(NDPI_ENABLE_DEBUG_MESSAGES) && !defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION) #define LOG(log_level, args...) \ { \ if(log_level <= nDPI_LogLevel) \ diff --git a/fuzz/Makefile.am b/fuzz/Makefile.am index 3903c85cd..2568af4b1 100644 --- a/fuzz/Makefile.am +++ b/fuzz/Makefile.am @@ -6,7 +6,7 @@ bin_PROGRAMS += fuzz_ds_patricia fuzz_ds_ahocorasick fuzz_ds_libcache fuzz_ds_tr #Third party bin_PROGRAMS += fuzz_libinjection fuzz_binaryfusefilter #Internal crypto -bin_PROGRAMS += fuzz_gcrypt_light +bin_PROGRAMS += fuzz_gcrypt_light fuzz_gcrypt_aes fuzz_gcrypt_gcm #Configuration files bin_PROGRAMS += fuzz_filecfg_protocols #Reader utils @@ -427,6 +427,36 @@ fuzz_gcrypt_light_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ $(fuzz_gcrypt_light_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ +fuzz_gcrypt_aes_SOURCES = fuzz_gcrypt_aes.cpp +fuzz_gcrypt_aes_CXXFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS) -I ../src/lib/third_party/include/ +fuzz_gcrypt_aes_CFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS) -I ../src/lib/third_party/include/ +fuzz_gcrypt_aes_LDADD = ../src/lib/libndpi.a $(ADDITIONAL_LIBS) +fuzz_gcrypt_aes_LDFLAGS = $(LIBS) +if HAS_FUZZLDFLAGS +fuzz_gcrypt_aes_CXXFLAGS += $(LIB_FUZZING_ENGINE) +fuzz_gcrypt_aes_CFLAGS += $(LIB_FUZZING_ENGINE) +fuzz_gcrypt_aes_LDFLAGS += $(LIB_FUZZING_ENGINE) +endif +# force usage of CXX for linker +fuzz_gcrypt_aes_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ + $(fuzz_gcrypt_aes_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ + +fuzz_gcrypt_gcm_SOURCES = fuzz_gcrypt_gcm.cpp +fuzz_gcrypt_gcm_CXXFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS) -I ../src/lib/third_party/include/ +fuzz_gcrypt_gcm_CFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS) -I ../src/lib/third_party/include/ +fuzz_gcrypt_gcm_LDADD = ../src/lib/libndpi.a $(ADDITIONAL_LIBS) +fuzz_gcrypt_gcm_LDFLAGS = $(LIBS) +if HAS_FUZZLDFLAGS +fuzz_gcrypt_gcm_CXXFLAGS += $(LIB_FUZZING_ENGINE) +fuzz_gcrypt_gcm_CFLAGS += $(LIB_FUZZING_ENGINE) +fuzz_gcrypt_gcm_LDFLAGS += $(LIB_FUZZING_ENGINE) +endif +# force usage of CXX for linker +fuzz_gcrypt_gcm_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CXX) @NDPI_CFLAGS@ $(AM_CXXFLAGS) $(CXXFLAGS) \ + $(fuzz_gcrypt_gcm_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ + fuzz_filecfg_protocols_SOURCES = fuzz_filecfg_protocols.c fuzz_common_code.c fuzz_filecfg_protocols_CFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS) fuzz_filecfg_protocols_LDADD = ../src/lib/libndpi.a $(ADDITIONAL_LIBS) @@ -441,8 +471,8 @@ fuzz_filecfg_protocols_LINK=$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(fuzz_filecfg_protocols_LDFLAGS) @NDPI_LDFLAGS@ $(LDFLAGS) -o $@ fuzz_readerutils_workflow_SOURCES = fuzz_readerutils_workflow.cpp fuzz_common_code.c ../example/reader_util.c -fuzz_readerutils_workflow_CXXFLAGS = -I../example/ @NDPI_CFLAGS@ $(CXXFLAGS) -fuzz_readerutils_workflow_CFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS) +fuzz_readerutils_workflow_CXXFLAGS = -I../example/ @NDPI_CFLAGS@ $(CXXFLAGS) -DDISABLE_CUSTOM_ALLOCATOR_ON_READERUTILS +fuzz_readerutils_workflow_CFLAGS = @NDPI_CFLAGS@ $(CXXFLAGS) -DDISABLE_CUSTOM_ALLOCATOR_ON_READERUTILS fuzz_readerutils_workflow_LDADD = ../src/lib/libndpi.a $(ADDITIONAL_LIBS) fuzz_readerutils_workflow_LDFLAGS = $(PCAP_LIB) $(LIBS) if HAS_FUZZLDFLAGS diff --git a/fuzz/fuzz_ds_domain_classify.cpp b/fuzz/fuzz_ds_domain_classify.cpp index 9a945deff..40acd9b18 100644 --- a/fuzz/fuzz_ds_domain_classify.cpp +++ b/fuzz/fuzz_ds_domain_classify.cpp @@ -33,7 +33,9 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { } } - ndpi_domain_classify_add_domains(d, NDPI_PROTOCOL_UNKNOWN, "random_list.list"); + ndpi_domain_classify_add_domains(d, + fuzzed_data.ConsumeIntegralInRange(0, NDPI_LAST_IMPLEMENTED_PROTOCOL - 1), + (char *)"random_list.list"); if (fuzzed_data.ConsumeBool()) ndpi_domain_classify_finalize(d); diff --git a/fuzz/fuzz_gcrypt_aes.cpp b/fuzz/fuzz_gcrypt_aes.cpp new file mode 100644 index 000000000..1469ab0ce --- /dev/null +++ b/fuzz/fuzz_gcrypt_aes.cpp @@ -0,0 +1,62 @@ +#include <stdlib.h> +#include <stdint.h> +#include "fuzzer/FuzzedDataProvider.h" + +#define MBEDTLS_CHECK_RETURN_TYPICAL +#include "../src/lib/third_party/include/gcrypt/aes.h" + +extern int force_no_aesni; + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + FuzzedDataProvider fuzzed_data(data, size); + mbedtls_aes_context *ctx; + int key_lens[] = { 128, 192, 256, 512 /* invalid */ }; + unsigned char *input, *output, *key; + int i, key_len, mode, rc; + + /* No real memory allocations involved */ + + if(fuzzed_data.remaining_bytes() < 1 + 1 + 4 + 512 / 8 + 16) + return -1; + + posix_memalign((void **)&input, 8, 16); + posix_memalign((void **)&output, 8, 16); + posix_memalign((void **)&key, 8, 512 / 8); + ctx = (mbedtls_aes_context *)malloc(sizeof(mbedtls_aes_context)); + + force_no_aesni = 0; + if(fuzzed_data.ConsumeBool()) + force_no_aesni = 1; + + mode = MBEDTLS_AES_ENCRYPT; + if(fuzzed_data.ConsumeBool()) + mode = MBEDTLS_AES_DECRYPT; + + mbedtls_aes_init(ctx); + + key_len = fuzzed_data.PickValueInArray(key_lens); + std::vector<unsigned char>k = fuzzed_data.ConsumeBytes<u_int8_t>(key_len / 8); + std::vector<u_int8_t>in = fuzzed_data.ConsumeBytes<uint8_t>(16); + + for(i = 0; i < 16; i++) + input[i] = in[i]; + for(i = 0; i < key_len / 8; i++) + key[i] = k[i]; + + if(mode == MBEDTLS_AES_ENCRYPT) + rc = mbedtls_aes_setkey_enc(ctx, key, key_len); + else + rc = mbedtls_aes_setkey_dec(ctx, key, key_len); + + if(rc == 0) + mbedtls_aes_crypt_ecb(ctx, mode, input, output); + + mbedtls_aes_free(ctx); + + free(ctx); + free(key); + free(input); + free(output); + + return 0; +} diff --git a/fuzz/fuzz_gcrypt_gcm.cpp b/fuzz/fuzz_gcrypt_gcm.cpp new file mode 100644 index 000000000..37bb35e3d --- /dev/null +++ b/fuzz/fuzz_gcrypt_gcm.cpp @@ -0,0 +1,101 @@ +#include <stdlib.h> +#include <stdint.h> +#include <assert.h> +#include "fuzzer/FuzzedDataProvider.h" + +#define MBEDTLS_CHECK_RETURN_TYPICAL +#define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret ) do { } while( 0 ) +#include "../src/lib/third_party/include/gcrypt/aes.h" +#include "../src/lib/third_party/include/gcrypt/cipher.h" +#include "../src/lib/third_party/include/gcrypt/gcm.h" + +extern int force_no_aesni; + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + FuzzedDataProvider fuzzed_data(data, size); + mbedtls_aes_context *aes_e_ctx, *aes_d_ctx; + mbedtls_gcm_context *gcm_e_ctx, *gcm_d_ctx; + int key_lens[] = { 128, 192, 256, 512 /* invalid */ }; + unsigned char *output, *decrypted; + int key_len, rc_e, rc_d; + mbedtls_cipher_id_t cipher; + unsigned char *tag; + int iv_len, tag_len, input_length; + + /* No real memory allocations involved */ + + if(fuzzed_data.remaining_bytes() < 1 + 4 + 512 / 8 + + 1 + 64 + /* iv */ + 1 + /* tag_len */ + 1 + 64 + /* input */ + 1 /* useless data: to be able to add the check with assert */) + return -1; + + gcm_e_ctx = (mbedtls_gcm_context *)malloc(sizeof(mbedtls_gcm_context)); + gcm_d_ctx = (mbedtls_gcm_context *)malloc(sizeof(mbedtls_gcm_context)); + aes_e_ctx = (mbedtls_aes_context *)malloc(sizeof(mbedtls_aes_context)); + aes_d_ctx = (mbedtls_aes_context *)malloc(sizeof(mbedtls_aes_context)); + + /* Not sure if it is really necessary... */ + force_no_aesni = 0; + if(fuzzed_data.ConsumeBool()) + force_no_aesni = 1; + + key_len = fuzzed_data.PickValueInArray(key_lens); + std::vector<unsigned char>key = fuzzed_data.ConsumeBytes<u_int8_t>(key_len / 8); + + iv_len = fuzzed_data.ConsumeIntegralInRange(0, 64); + std::vector<u_int8_t>iv = fuzzed_data.ConsumeBytes<uint8_t>(iv_len); + + tag_len = fuzzed_data.ConsumeIntegralInRange(0, 17); + tag = (unsigned char *)malloc(tag_len); + + input_length = fuzzed_data.ConsumeIntegralInRange(16, 64); + std::vector<unsigned char>input = fuzzed_data.ConsumeBytes<u_int8_t>(input_length); + output = (unsigned char *)malloc(input_length); + decrypted = (unsigned char *)malloc(input_length); + + cipher = static_cast<mbedtls_cipher_id_t>(fuzzed_data.ConsumeIntegralInRange(0, (int)MBEDTLS_CIPHER_ID_CHACHA20)); + + assert(fuzzed_data.remaining_bytes() > 0); + + mbedtls_gcm_init(gcm_e_ctx, aes_e_ctx); + mbedtls_gcm_init(gcm_d_ctx, aes_d_ctx); + + rc_e = mbedtls_gcm_setkey(gcm_e_ctx, cipher, key.data(), key.size() * 8); + rc_d = mbedtls_gcm_setkey(gcm_d_ctx, cipher, key.data(), key.size() * 8); + + if (rc_e == 0 && rc_d == 0) { + rc_e = mbedtls_gcm_crypt_and_tag(gcm_e_ctx, MBEDTLS_GCM_ENCRYPT, + input.size(), + iv.data(), iv.size(), + NULL, 0, /* TODO */ + input.data(), + output, + tag_len, tag); + if(rc_e == 0) { + rc_d = mbedtls_gcm_auth_decrypt(gcm_d_ctx, + input.size(), + iv.data(), iv.size(), + NULL, 0, /* TODO */ + tag, tag_len, + output, + decrypted); + if (rc_d == 0) + assert(memcmp(input.data(), decrypted, input.size()) == 0); + } + } + + mbedtls_gcm_free(gcm_e_ctx); + mbedtls_gcm_free(gcm_d_ctx); + + free(tag); + free(gcm_e_ctx); + free(gcm_d_ctx); + free(aes_e_ctx); + free(aes_d_ctx); + free(output); + free(decrypted); + + return 0; +} diff --git a/fuzz/fuzz_readerutils_workflow.cpp b/fuzz/fuzz_readerutils_workflow.cpp index 90d0ac094..f753560f2 100644 --- a/fuzz/fuzz_readerutils_workflow.cpp +++ b/fuzz/fuzz_readerutils_workflow.cpp @@ -31,7 +31,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { ndpi_risk flow_risk; const u_char *pkt; struct pcap_pkthdr *header; - int r; + int r, rc; char errbuf[PCAP_ERRBUF_SIZE]; FILE *fd; u_int8_t debug_protos_index; @@ -91,14 +91,16 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { w = ndpi_workflow_init(&prefs, pcap_handle, 1, serialization_format); if(w) { NDPI_BITMASK_SET_ALL(enabled_bitmask); - ndpi_set_protocol_detection_bitmask2(w->ndpi_struct, &enabled_bitmask); - ndpi_finalize_initialization(w->ndpi_struct); + rc = ndpi_set_protocol_detection_bitmask2(w->ndpi_struct, &enabled_bitmask); + if(rc == 0) { + ndpi_finalize_initialization(w->ndpi_struct); - header = NULL; - r = pcap_next_ex(pcap_handle, &header, &pkt); - while (r > 0) { - ndpi_workflow_process_packet(w, header, pkt, &flow_risk); + header = NULL; r = pcap_next_ex(pcap_handle, &header, &pkt); + while (r > 0) { + ndpi_workflow_process_packet(w, header, pkt, &flow_risk); + r = pcap_next_ex(pcap_handle, &header, &pkt); + } } ndpi_workflow_free(w); diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 0cc26233d..274273cb9 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -2670,12 +2670,16 @@ void ndpi_debug_printf(unsigned int proto, struct ndpi_detection_module_struct * ndpi_vsnprintf(str, sizeof(str) - 1, format, args); va_end(args); + /* While fuzzing, we want to test log code, but we don't want to log anything! */ +#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION if(ndpi_str != NULL || (file_name != NULL && func_name != NULL)) { printf("%s:%s:%-3d - [%u]: %s", file_name, func_name, line_number, proto, str); } else { printf("Proto: %u, %s", proto, str); } #endif + +#endif } /* ****************************************** */ diff --git a/src/lib/third_party/src/gcrypt/gcm.c b/src/lib/third_party/src/gcrypt/gcm.c index e793465f5..98ef9afbd 100644 --- a/src/lib/third_party/src/gcrypt/gcm.c +++ b/src/lib/third_party/src/gcrypt/gcm.c @@ -84,7 +84,7 @@ static void xorbytes3e( unsigned char *output, unsigned char *buf, n -= LBLOCKSIZE; } while(n) { - *output++ = *input++ ^ *ectr++; + *output = *input++ ^ *ectr++; *buf++ ^= *output++; n--; } |