hash-common: fix heap overflow when writing more data after final
* tests/basic.c (check_one_md): Test writing to digest after read. * cipher/hash-common.c (_gcry_md_block_write): Reset 'hd->count' if greater than blocksize.
'_gcry_md_block_write' did not expect 'hd->count' being greater than
digest blocksize. However digest final function may set 'hd->count'
to larger value. Now, if write is called after final function and
'hd->count' gets too large value, 'copylen' parameter to buf_cpy
may have value larger than size of 'hd->buf' and cause heap overflow.
- Reported-by: Tavis Ormandy <email@example.com>
- Signed-off-by: Jussi Kivilinna <firstname.lastname@example.org>