diff options
author | Peter Wu <peter@lekensteyn.nl> | 2016-03-23 03:45:21 +0100 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2016-03-23 12:43:01 +0100 |
commit | 6821e1bd94969106a70e3de17b86f6e6181f4e59 (patch) | |
tree | a864d7a28e8d8324aa21e7ff2d4b0ad9c5ecd777 | |
parent | 15785bc9fb1787554bf371945ecb191830c15bfd (diff) | |
download | libgcrypt-6821e1bd94969106a70e3de17b86f6e6181f4e59.tar.gz |
Fix buffer overrun in gettag for Poly1305
* cipher/cipher-poly1305.c: copy a fixed length instead of the
user-supplied number.
--
The outbuflen is used to check the minimum size, the real tag is always
of fixed length.
Signed-off-by: Peter Wu <peter@lekensteyn.nl>
-rw-r--r-- | cipher/cipher-poly1305.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/cipher/cipher-poly1305.c b/cipher/cipher-poly1305.c index 965a7b66..fb817742 100644 --- a/cipher/cipher-poly1305.c +++ b/cipher/cipher-poly1305.c @@ -215,7 +215,7 @@ _gcry_cipher_poly1305_tag (gcry_cipher_hd_t c, { gcry_err_code_t err; - if (outbuflen < GCRY_GCM_BLOCK_LEN) + if (outbuflen < POLY1305_TAGLEN) return GPG_ERR_BUFFER_TOO_SHORT; if (c->u_mode.poly1305.bytecount_over_limits) return GPG_ERR_INV_LENGTH; @@ -244,10 +244,10 @@ _gcry_cipher_poly1305_tag (gcry_cipher_hd_t c, } if (check) - return buf_eq_const(outbuf, c->u_iv.iv, outbuflen) ? + return buf_eq_const(outbuf, c->u_iv.iv, POLY1305_TAGLEN) ? GPG_ERR_NO_ERROR : GPG_ERR_CHECKSUM; - memcpy (outbuf, c->u_iv.iv, outbuflen); + memcpy (outbuf, c->u_iv.iv, POLY1305_TAGLEN); return GPG_ERR_NO_ERROR; } |