summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Wu <peter@lekensteyn.nl>2016-03-23 03:45:21 +0100
committerWerner Koch <wk@gnupg.org>2016-03-23 12:43:01 +0100
commit6821e1bd94969106a70e3de17b86f6e6181f4e59 (patch)
treea864d7a28e8d8324aa21e7ff2d4b0ad9c5ecd777
parent15785bc9fb1787554bf371945ecb191830c15bfd (diff)
downloadlibgcrypt-6821e1bd94969106a70e3de17b86f6e6181f4e59.tar.gz
Fix buffer overrun in gettag for Poly1305
* cipher/cipher-poly1305.c: copy a fixed length instead of the user-supplied number. -- The outbuflen is used to check the minimum size, the real tag is always of fixed length. Signed-off-by: Peter Wu <peter@lekensteyn.nl>
-rw-r--r--cipher/cipher-poly1305.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/cipher/cipher-poly1305.c b/cipher/cipher-poly1305.c
index 965a7b66..fb817742 100644
--- a/cipher/cipher-poly1305.c
+++ b/cipher/cipher-poly1305.c
@@ -215,7 +215,7 @@ _gcry_cipher_poly1305_tag (gcry_cipher_hd_t c,
{
gcry_err_code_t err;
- if (outbuflen < GCRY_GCM_BLOCK_LEN)
+ if (outbuflen < POLY1305_TAGLEN)
return GPG_ERR_BUFFER_TOO_SHORT;
if (c->u_mode.poly1305.bytecount_over_limits)
return GPG_ERR_INV_LENGTH;
@@ -244,10 +244,10 @@ _gcry_cipher_poly1305_tag (gcry_cipher_hd_t c,
}
if (check)
- return buf_eq_const(outbuf, c->u_iv.iv, outbuflen) ?
+ return buf_eq_const(outbuf, c->u_iv.iv, POLY1305_TAGLEN) ?
GPG_ERR_NO_ERROR : GPG_ERR_CHECKSUM;
- memcpy (outbuf, c->u_iv.iv, outbuflen);
+ memcpy (outbuf, c->u_iv.iv, POLY1305_TAGLEN);
return GPG_ERR_NO_ERROR;
}