[PATCH 1/2] Fix buffer overrun in gettag for GCM

Peter Wu peter at lekensteyn.nl
Wed Mar 23 03:45:20 CET 2016


* cipher/cipher-gcm.c: copy a fixed length instead of the user-supplied
  number.
--

The outbuflen is used to check the minimum size, the real tag is always
of fixed length.

Signed-off-by: Peter Wu <peter at lekensteyn.nl>
---
 cipher/cipher-gcm.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cipher/cipher-gcm.c b/cipher/cipher-gcm.c
index d390ef8..cb81ea9 100644
--- a/cipher/cipher-gcm.c
+++ b/cipher/cipher-gcm.c
@@ -803,12 +803,12 @@ _gcry_cipher_gcm_tag (gcry_cipher_hd_t c,
 
   if (!check)
     {
-      memcpy (outbuf, c->u_mode.gcm.u_tag.tag, outbuflen);
+      memcpy (outbuf, c->u_mode.gcm.u_tag.tag, GCRY_GCM_BLOCK_LEN);
       return GPG_ERR_NO_ERROR;
     }
   else
     {
-      return buf_eq_const(outbuf, c->u_mode.gcm.u_tag.tag, outbuflen) ?
+      return buf_eq_const(outbuf, c->u_mode.gcm.u_tag.tag, GCRY_GCM_BLOCK_LEN) ?
                GPG_ERR_NO_ERROR : GPG_ERR_CHECKSUM;
     }
 
-- 
2.7.4




More information about the Gcrypt-devel mailing list