Enforce a strict output length check in CRYPTO_ccm128_tag · 514c9da48b - Gogs

Enforce a strict output length check in CRYPTO_ccm128_tag

Return error if the output tag buffer size doesn't match
the tag size exactly. This prevents the caller from
using that portion of the tag buffer that remains
uninitialized after an otherwise succesfull call to
CRYPTO_ccm128_tag.

Bug found by OSS-Fuzz.

Fix suggested by Kurt Roeckx.

Signed-off-by: Guido Vranken <guidovranken@gmail.com>

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8810)

Guido Vranken 5 years ago

parent

87930507ff

commit

514c9da48b

1 changed files with 1 additions and 1 deletions

Split View Show Diff Stats

						
							+ 1
							
							- 1
						
crypto/modes/ccm128.c
							 
								View File
							
				@@ -425,7 +425,7 @@ size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len)
			
				     M *= 2;
			
				     M += 2;
			
				-    if (len < M)
			
				+    if (len != M)
			
				         return 0;
			
				     memcpy(tag, ctx->cmac.c, M);
			
				     return M;