search

arosspope / cipher-crypt

A cryptographic tomb of ciphers forgotten by time.
Apache License 2.0
42 stars 8 forks source link

Unhandled overflow condition in Playfair decrypt #39

Open glarsen opened 6 years ago

glarsen commented 6 years ago

https://github.com/arosspope/cipher-crypt/blob/aab6174944abe95ce9259aafaf74d901680bc562/src/playfair.rs#L115

This shift rule does not correctly handle cases where the usize index into the vector will overflow negative upon subtraction.

Example code that replicates the issue:

extern crate cipher_crypt;
use cipher_crypt::{Cipher, Playfair};

fn main() {
    let c = Playfair::new("APT".to_string()).unwrap();
    let pt = "Hello World";

    let ct = c.encrypt(pt).unwrap();
    let _d = c.decrypt(&ct).unwrap();
}

The patch to fix this is ready. It includes a unit test for this condition. I can push to the same cipher/playfair branch and increment to 0.14.1 if that works, @arosspope .

arosspope commented 6 years ago

Sure, that works for me. Create a PR when ready