/ 
CryptX-0.088
⭐ Starred 36 / Crypt::Digest::SHAKE
Security Advisories (1)
CVE-2026-41565 (2026-05-28)

CryptX versions before 0.088_001 for Perl have a stack buffer overflow in four AEAD decrypt_verify helpers. The gcm_decrypt_verify, ccm_decrypt_verify, chacha20poly1305_decrypt_verify and eax_decrypt_verify XS routines copied the caller-supplied authentication tag into a fixed 144-byte stack buffer (MAXBLOCKSIZE) without checking the supplied length. A longer tag overwrites the stack past the buffer. Version 0.088 added the clamp to gcm_decrypt_verify, and 0.088_001 added it to the other three. Any caller of an affected helper that forwards an attacker-controlled tag longer than the buffer can trigger the overflow.

NAME

Crypt::Digest::SHAKE - Hash functions SHAKE128, SHAKE256 from SHA3 family

SYNOPSIS

use Crypt::Digest::SHAKE

$d = Crypt::Digest::SHAKE->new(128);
$d->add('any data');
$d->addfile('filename.dat');
$d->addfile(*FILEHANDLE);
$part1 = $d->done(100); # 100 raw bytes
$part2 = $d->done(100); # another 100 raw bytes
#...

DESCRIPTION

Provides an interface to the SHA3's sponge function SHAKE.

METHODS

new

$d = Crypt::Digest::SHA3-SHAKE->new($num);
# $num ... 128 or 256

clone

$d->clone();

reset

$d->reset();

add

$d->add('any data');
#or
$d->add('any data', 'more data', 'even more data');

addfile

$d->addfile('filename.dat');
#or
$d->addfile(*FILEHANDLE);

done

$result_raw = $d->done($len);
# can be called multiple times

SEE ALSO