wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/crypto/modes
History
Guido Vranken fc4c034ee8 Enforce a strict output length check in CRYPTO_ccm128_tag 
Return error if the output tag buffer size doesn't match
the tag size exactly. This prevents the caller from
using that portion of the tag buffer that remains
uninitialized after an otherwise succesfull call to
CRYPTO_ccm128_tag.

Bug found by OSS-Fuzz.

Fix suggested by Kurt Roeckx.

Signed-off-by: Guido Vranken <guidovranken@gmail.com>

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8810)

(cherry picked from commit 514c9da48b)
2019-04-25 11:00:39 +01:00
..
asm cfi build fixes in x86-64 ghash assembly 2019-02-27 22:44:46 +01:00
build.info Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
cbc128.c Don't call memcpy if len is zero. 2017-02-20 19:17:53 -05:00
ccm128.c Enforce a strict output length check in CRYPTO_ccm128_tag 2019-04-25 11:00:39 +01:00
cfb128.c
ctr128.c modes/ctr128.c: fix false carry in counter increment procedure. 2016-11-25 17:22:21 +01:00
cts128.c
gcm128.c Update copyright year 2018-06-20 15:29:23 +01:00
modes_lcl.h modes/ocb128.c: Reset nonce-dependent variables on setiv 2018-06-08 15:54:40 +02:00
ocb128.c modes/ocb128.c: readability and formatting improvements. 2018-07-09 12:37:09 +02:00
ofb128.c
wrap128.c Update copyright year 2018-06-20 15:29:23 +01:00
xts128.c