encryption - Malloc in openssl -


i got problem when encrypt data aes encryption. source code:

    std::string aes_encrypt( std::string text, std::string password ){     evp_cipher_ctx ectx;     std::string key = sha256(password);     std::string iv = sha256("aes_iv_"+password);     int size = text.size();     unsigned char* out = (unsigned char*)malloc( size );     int outlen = 0;     int tlen = 0;      evp_cipher_ctx_init( &ectx );     evp_encryptinit( &ectx, evp_aes_256_cbc(), (const unsigned char*)key.c_str(), (const unsigned char*)iv.c_str() );     evp_encryptupdate( &ectx, out, &outlen, (const unsigned char*)text.c_str(), text.size() );     tlen += outlen;     evp_encryptfinal( &ectx, out+tlen, &outlen );     tlen += outlen;     evp_cipher_ctx_cleanup( &ectx );      std::string data( (const char*)out, tlen );     free( out );     return data; }

my application crash in line: free(out); solution fix problem?

in line "out = (unsigned char*) malloc(size)" assume output never longer input. not case (openssl documentation says have add block size or so), believe have buffer overflow in malloc'ed buffer during encryption, causes crash during free(...) call --- that's quite usual thing when destroy malloc/free data structures overflowing malloc'ated buffer.


Comments

Post a Comment

Popular posts from this blog

Change php variable from jquery value using ajax (same page) -

what i'm trying this: i've php global variable $currentid , simple jquery script check if there "id" (page) in hash of url , if yes wanted give value $currentid . i've been reading lot , notice shall use ajax i'm not managing it. my code is: <script type="text/javascript"> $(document).ready(function(){ if (parent.location.hash != '' ) { var thecurrentid = parent.location.hash.split('#')[1]; $.ajax({ url: 'my.php', //current page type: 'post', data: {theid: thecurrentid }, datatype: 'json', success: function () { } }); } // code here }); </script> could me please? thank in advance. php server side language, meaning once has sent data browser, php variables , data cannot changed... however, using ajax, can send request php page , change data in dom based on result. consider th...
Read more

Pull out data related to my apps from Android Play Store and iOS App Store -

i want pull out data related apps (ratings, reviews, etc) google play store , apple app store ? how can accomplish ? i have found open source apis google mentioned not reliable. also there paid apis (e.g. appfigures) available. has idea how able pull data these play stores ?? i looking direction on how can accomplish this. can suggest ? we (appfigures) have been working on developing infrastructure give ability reviews , bunch of other data points major app stores several years :] we make available via our api though may want check out.
Read more

How can I fetch data from a web server in an android application? -

i want retrieve data web server in android application, , don't know begin. should use web services? i recommend these tutorials: connect android php , mysql , json in android , php , mysqli i used these tutorials , managed trying working without difficulty. between them describe each step in how attempting @ each stage, android application, database , web server side , has information included can process , use received information the thing add connect android php , mysql tutorial makes use of mysql_ in php deprecated. better use mysqli why included third link. the basic outline of want this: 1) in android app make request server php script using class this: import java.io.bufferedreader; import java.io.ioexception; import java.io.inputstream; import java.io.inputstreamreader; import java.io.unsupportedencodingexception; import java.util.list; import org.apache.http.httpentity; import org.apache.http.httpresponse; import org.apache.http.namevaluepair...
Read more