From 8b8676d8450f69a70a877968a51a9d8d992abb9c Mon Sep 17 00:00:00 2001
From: shenwii <654123789sw@gmail.com>
Date: Mon, 1 Nov 2021 19:54:30 +0800
Subject: [PATCH] fix a stack overflow bug

---
 sample.ini |  2 +-
 src/aes.c  | 14 +++++++++++++-
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/sample.ini b/sample.ini
index d330ee7..b311099 100644
--- a/sample.ini
+++ b/sample.ini
@@ -6,7 +6,7 @@ bind_addr6 = ::
 ;bind port
 bind_port = 8123
 ;preferred use of ipv6
-ipv6_first = 1
+ipv6_first = 0
 ;secret key
 key = zfTUq4rVLgqPLAJT7tgEgft2PDfVwbI4DVnqZpM3FGA=
 
diff --git a/src/aes.c b/src/aes.c
index cfe16cf..1b476a7 100644
--- a/src/aes.c
+++ b/src/aes.c
@@ -27,5 +27,17 @@ int aes_encrypt(__const__ unsigned char *indata, __const__ int len, unsigned cha
 
 int aes_decrypt(__const__ unsigned char *indata, __const__ int len, unsigned char *outdata, __const__ unsigned char *key)
 {
-    return __aes_en_de_crypt(AES_DECRYPT, indata, AES_ENCRYPT_LEN(len), outdata, key);
+    int tmp_len = AES_ENCRYPT_LEN(len);
+    unsigned char *tmp_buf = malloc(tmp_len);
+    if(tmp_buf == NULL)
+        return 1;
+    int rtn = __aes_en_de_crypt(AES_DECRYPT, indata, tmp_len, tmp_buf, key);
+    if(rtn != 0)
+    {
+        free(tmp_buf);
+        return rtn;
+    }
+    memcpy(outdata, tmp_buf, len);
+    free(tmp_buf);
+    return rtn;
 }