Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

#5 Problem with Security Fix for Windows Version

open
nobody
None
5
2007-12-16
2007-12-16
Kit Sczudlo
No

When attempting to compile with GAPING_SECURITY_HOLE on Microsoft Visual Studio 6.0 I get three errors:

doexec.c
c:\...\cryptcat-nt-1.2.1\nt\doexec.c(438) : error C2065: 'RecvBuffer' : undeclared identifier
c:\...\cryptcat-nt-1.2.1\nt\doexec.c(438) : error C2109: subscript requires array or pointer type
c:\...\cryptcat-nt-1.2.1\nt\doexec.c(438) : error C2109: subscript requires array or pointer type

To fix it, you have to undo the actual "fix" part of it, but if you replace:
<code>
if (RecvBuffer[0] == '\n' || RecvBuffer[0] == '\r' || BufferCnt > BUFFER_SIZE-1) {
</code>
with:
<code>
if (Buffer[BufferCnt - 1] == '\n' || Buffer[BufferCnt - 1] == '\r' || BufferCnt > BUFFER_SIZE-1)
</code>
It will work.

I tried adapting the code to read only one byte at a time, but the farm9crypt_read() function ignored the length of 1 for the size, and read back as much data as it wanted to.

I don't know any cryptography, nor do I understand much of the code in the farm9crypt.cpp file, but could it be adapted to read fewer bytes?

Discussion