** Changed in: hipl Status: New => Fix Committed ** Branch linked: lp:~stefan.goetz/hipl/dh-key-generation-fixes -- Out-of-bounds array access in DH key generation https://bugs.launchpad.net/bugs/667764 You received this bug notification because you are a member of HIPL core team, which is subscribed to HIPL. Status in Host Identity Protocol for Linux: Fix Committed Bug description: Compiling with -O3 fails revealing an out-of-bounds access to an array in hipd/dh.c:hip_regen_dh_keys() lib/core/crypto.h: #define HIP_MAX_DH_GROUP_ID 7 hipd/dh.c: DH *dh_table[HIP_MAX_DH_GROUP_ID] = {0}; [...] for (i = 1; i <= HIP_MAX_DH_GROUP_ID; i++) { [...] okey = dh_table[i]; dh_table[i] = tmp; [...] } It seems that the array dh_table with 7 entries is accessed at index 7, i.e., beyond it's actual size.