1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
diff --git a/src/NT_fmt_plug.c b/src/NT_fmt_plug.c
index eb52e3d..411a45b 100644
--- a/src/NT_fmt_plug.c
+++ b/src/NT_fmt_plug.c
@@ -652,7 +652,7 @@ static inline void set_key_helper(unsigned int * keybuffer,
for(; key[md4_size]; i += xBuf, md4_size++)
{
unsigned int temp;
- if ((temp = key[++md4_size]))
+ if ((temp = key[++md4_size]) && md4_size < PLAINTEXT_LENGTH)
{
keybuffer[i] = key[md4_size-1] | (temp << 16);
}
@@ -704,7 +704,7 @@ static inline void set_key_helper_utf8(unsigned int * keybuffer, unsigned int xB
const UTF8 * source, unsigned int lenStoreOffset, unsigned int *lastlen)
{
unsigned int *target = keybuffer;
- unsigned int *targetEnd = &keybuffer[xBuf * ((PLAINTEXT_LENGTH + 1) >> 1)];
+ unsigned int *targetEnd = &keybuffer[xBuf * (PLAINTEXT_LENGTH >> 1)];
UTF32 chl, chh = 0x80;
unsigned int outlen = 0;
@@ -844,7 +844,7 @@ static inline void set_key_helper_encoding(unsigned int * keybuffer,
i = 0;
for(md4_size = 0; key[md4_size]; i += xBuf, md4_size++)
{
- if ((temp = CP_to_Unicode[key[++md4_size]]))
+ if ((temp = CP_to_Unicode[key[++md4_size]]) && md4_size < PLAINTEXT_LENGTH)
keybuffer[i] = CP_to_Unicode[key[md4_size-1]] | (temp << 16);
else {
keybuffer[i] = CP_to_Unicode[key[md4_size-1]] | 0x800000;
|