To meet requirements of Common Criteria certification vulnerablility
assessment. Static code analysis has been run and found the following
error. Overlapping_buffer: The source buffer potentially overlaps
with the destination buffer, which results in undefined
behavior for "memcpy".
The change is to use memmove instead of memcpy.
Signed-off-by: Nigel Croxon <ncroxon@xxxxxxxxxx>
---
sha1.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sha1.c b/sha1.c
index 11be7045..89b32f46 100644
--- a/sha1.c
+++ b/sha1.c
@@ -258,7 +258,7 @@ sha1_process_bytes (const void *buffer, size_t len, struct sha1_ctx *ctx)
{
sha1_process_block (ctx->buffer, 64, ctx);
left_over -= 64;
- memcpy (ctx->buffer, &ctx->buffer[16], left_over);
+ memmove (ctx->buffer, &ctx->buffer[16], left_over);
}
ctx->buflen = left_over;
}
--
2.29.2
