[PATCH 0/2] Fixes for gcry_cipher_gettag crashes
peter at lekensteyn.nl
Wed Mar 23 03:45:19 CET 2016
As reported earlier, some modes can result in a buffer overrun when
improperly used. These patches avoid relying on the user-supplied input.
Poly1305 was introduced this cycle (1.7.0), but GCM was introduced in 1.6.0.
Maybe a backport is appropriate?
One crash is not fixed, that is the crash when setkey is not invoked before
using the GCM ciphers (introduced in the 1.7.0 cycle). Either these functions
should check that the key is present, or they should initialize the ghash table
earlier. Affected functions:
(via _gcry_cipher_gcm_get_tag, _gcry_cipher_gcm_check_tag)
Peter Wu (2):
Fix buffer overrun in gettag for GCM
Fix buffer overrun in gettag for Poly1305
cipher/cipher-gcm.c | 4 ++--
cipher/cipher-poly1305.c | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
More information about the Gcrypt-devel