diff options
| author |   tb <tb@openbsd.org> | 2019-05-08 14:18:25 +0000 |
|---|---|---|
| committer | tb <tb@openbsd.org> | 2019-05-08 14:18:25 +0000 |
| commit | c7ddaaf561364b594dd2697206b98340045cfd1a (patch) | |
| tree | d8b36d7337664e7e0c20fa7566720dd072a6fa46 | |
| parent | better signatures. (diff) | |
| download | wireguard-openbsd-c7ddaaf561364b594dd2697206b98340045cfd1a.tar.xz wireguard-openbsd-c7ddaaf561364b594dd2697206b98340045cfd1a.zip | |
Make sure that the tag buffer size is equal to the tag size
in CRYPTO_ccm128_tag(). Otherwise the caller might end up
using the part of the tag buffer that was left uninitialized.
Issue found by Guido Vranken.
ok inoguchi
| -rw-r--r-- | lib/libcrypto/modes/ccm128.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/libcrypto/modes/ccm128.c b/lib/libcrypto/modes/ccm128.c index 58cc4f44c6a..12c6e616593 100644 --- a/lib/libcrypto/modes/ccm128.c +++ b/lib/libcrypto/modes/ccm128.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ccm128.c,v 1.4 2015/02/10 09:46:30 miod Exp $ */ +/* $OpenBSD: ccm128.c,v 1.5 2019/05/08 14:18:25 tb Exp $ */ /* ==================================================================== * Copyright (c) 2011 The OpenSSL Project. All rights reserved. * @@ -435,7 +435,7 @@ size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx,unsigned char *tag,size_t len) { unsigned int M = (ctx->nonce.c[0]>>3)&7; /* the M parameter */ M *= 2; M += 2; - if (len<M) return 0; + if (len != M) return 0; memcpy(tag,ctx->cmac.c,M); return M; } |