From 4877aca2b6e3ebc90ed86df3d4db4dfb06de7d51 Mon Sep 17 00:00:00 2001
From: moneromooo-monero <moneromooo-monero@users.noreply.github.com>
Date: Tue, 7 Nov 2017 11:56:36 +0000
Subject: [PATCH] keccak: some paranoid "can't happen" checks

---
 src/crypto/keccak.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/src/crypto/keccak.c b/src/crypto/keccak.c
index 090d563a2..5564c7db3 100644
--- a/src/crypto/keccak.c
+++ b/src/crypto/keccak.c
@@ -2,6 +2,8 @@
 // 19-Nov-11  Markku-Juhani O. Saarinen <mjos@iki.fi>
 // A baseline Keccak (3rd round) implementation.
 
+#include <stdio.h>
+#include <stdlib.h>
 #include "hash-ops.h"
 #include "keccak.h"
 
@@ -79,6 +81,12 @@ int keccak(const uint8_t *in, size_t inlen, uint8_t *md, int mdlen)
     uint8_t temp[144];
     size_t i, rsiz, rsizw;
 
+    if (mdlen <= 0 || mdlen > 200 || sizeof(st) != 200)
+    {
+      fprintf(stderr, "Bad keccak use");
+      abort();
+    }
+
     rsiz = sizeof(state_t) == mdlen ? HASH_DATA_AREA : 200 - 2 * mdlen;
     rsizw = rsiz / 8;
     
@@ -91,6 +99,12 @@ int keccak(const uint8_t *in, size_t inlen, uint8_t *md, int mdlen)
     }
     
     // last block and padding
+    if (inlen >= sizeof(temp) || inlen > rsiz || rsiz - inlen + inlen + 1 >= sizeof(temp) || rsiz == 0 || rsiz - 1 >= sizeof(temp) || rsizw * 8 > sizeof(temp))
+    {
+      fprintf(stderr, "Bad keccak use");
+      abort();
+    }
+
     memcpy(temp, in, inlen);
     temp[inlen++] = 1;
     memset(temp + inlen, 0, rsiz - inlen);