Sanity check lengths for AES wrap algorithm.

[openssl.git] / crypto / evp / e_aes.c

diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 504c75f8d12c518d55113a14b2acfe81718efa05..ce300440a89cda699b47d263bb9952946542ae92 100644 (file)
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -2098,7 +2098,11 @@ static int aes_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
        EVP_AES_WRAP_CTX *wctx = ctx->cipher_data;
        size_t rv;
        if (inlen % 8)
-               return 0;
+               return -1;
+       if (ctx->encrypt && inlen < 8)
+               return -1;
+       if (!ctx->encrypt && inlen < 16)
+               return -1;
        if (!out)
                {
                if (ctx->encrypt)