e_aes.c: prevent potential DoS in aes_gcm_tls_cipher.

author Andy Polyakov <appro@openssl.org>

Sun, 23 Oct 2011 22:58:40 +0000 (22:58 +0000)

committer Andy Polyakov <appro@openssl.org>

Sun, 23 Oct 2011 22:58:40 +0000 (22:58 +0000)
author Andy Polyakov <appro@openssl.org>
Sun, 23 Oct 2011 22:58:40 +0000 (22:58 +0000)
committer Andy Polyakov <appro@openssl.org>
Sun, 23 Oct 2011 22:58:40 +0000 (22:58 +0000)
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c

index e3bd2b498221bedd9ab11776d652e4806f172825..95d7421168296ed96ff6d2306725ed0f6aa096c2 100644 (file)
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -940,7 +940,7 @@ static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
         int rv = -1;
         /* Encrypt/decrypt must be performed in place */
-       if (out != in)
+       if (out != in || len < (EVP_GCM_TLS_EXPLICIT_IV_LEN+EVP_GCM_TLS_TAG_LEN))
                 return -1;
         /* Set IV from start of buffer or generate IV and write to start
          * of buffer.
author	Andy Polyakov <appro@openssl.org>
	Sun, 23 Oct 2011 22:58:40 +0000 (22:58 +0000)
committer	Andy Polyakov <appro@openssl.org>
	Sun, 23 Oct 2011 22:58:40 +0000 (22:58 +0000)