Updating server dependancies. (#7246)

2 files changed, 20 insertions, 0 deletions

diff --git a/vendor/golang.org/x/crypto/salsa20/salsa/salsa20_amd64.go b/vendor/golang.org/x/crypto/salsa20/salsa/salsa20_amd64.go
index 903c7858e..c34d362ee 100644
--- a/vendor/golang.org/x/crypto/salsa20/salsa/salsa20_amd64.go
+++ b/vendor/golang.org/x/crypto/salsa20/salsa/salsa20_amd64.go
@@ -19,5 +19,6 @@ func XORKeyStream(out, in []byte, counter *[16]byte, key *[32]byte) {
 	if len(in) == 0 {
 		return
 	}
+	_ = out[len(in)-1]
 	salsa2020XORKeyStream(&out[0], &in[0], uint64(len(in)), &counter[0], &key[0])
 }
diff --git a/vendor/golang.org/x/crypto/salsa20/salsa/salsa_test.go b/vendor/golang.org/x/crypto/salsa20/salsa/salsa_test.go
index f8cecd9e6..f67e94eba 100644
--- a/vendor/golang.org/x/crypto/salsa20/salsa/salsa_test.go
+++ b/vendor/golang.org/x/crypto/salsa20/salsa/salsa_test.go
@@ -33,3 +33,22 @@ func TestCore208(t *testing.T) {
 		t.Errorf("expected %x, got %x", out, in)
 	}
 }
+
+func TestOutOfBoundsWrite(t *testing.T) {
+	// encrypted "0123456789"
+	cipherText := []byte{170, 166, 196, 104, 175, 121, 68, 44, 174, 51}
+	var counter [16]byte
+	var key [32]byte
+	want := "abcdefghij"
+	plainText := []byte(want)
+	defer func() {
+		err := recover()
+		if err == nil {
+			t.Error("XORKeyStream expected to panic on len(dst) < len(src), but didn't")
+		}
+		if plainText[3] == '3' {
+			t.Errorf("XORKeyStream did out of bounds write, want %v, got %v", want, string(plainText))
+		}
+	}()
+	XORKeyStream(plainText[:3], cipherText, &counter, &key)
+}