[git] GCRYPT - branch, LIBGCRYPT-1-6-BRANCH, updated. libgcrypt-1.6.5-7-ga6855de
by Werner Koch
cvs at cvs.gnupg.org
Wed Mar 23 12:59:28 CET 2016
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".
The branch, LIBGCRYPT-1-6-BRANCH has been updated
via a6855de9fedc16a05f68e3fdda2f6fdaab2388fb (commit)
via 489831a7299b461740f696dabd913eaec03ee16a (commit)
from c03cc004133ab261e514ddd37ca40da17df7e6d8 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit a6855de9fedc16a05f68e3fdda2f6fdaab2388fb
Author: Werner Koch <wk at gnupg.org>
Date: Wed Mar 23 11:07:52 2016 +0100
cipher: Check length of supplied tag in _gcry_cipher_gcm_check_tag.
* cipher/cipher-gcm.c (_gcry_cipher_gcm_tag): Check that the provided
tag length matches the actual tag length. Avoid gratuitous return
statements.
--
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/cipher/cipher-gcm.c b/cipher/cipher-gcm.c
index f7e840d..93d5214 100644
--- a/cipher/cipher-gcm.c
+++ b/cipher/cipher-gcm.c
@@ -1148,13 +1148,18 @@ _gcry_cipher_gcm_tag (gcry_cipher_hd_t c,
if (!check)
{
+ /* NB: We already checked that OUTBUF is large enough to hold
+ the result. */
memcpy (outbuf, c->u_mode.gcm.u_tag.tag, GCRY_GCM_BLOCK_LEN);
- return GPG_ERR_NO_ERROR;
}
else
{
- return buf_eq_const(outbuf, c->u_mode.gcm.u_tag.tag, GCRY_GCM_BLOCK_LEN) ?
- GPG_ERR_NO_ERROR : GPG_ERR_CHECKSUM;
+ /* OUTBUFLEN gives the length of the user supplied tag in OUTBUF
+ * and thus we need to compare its length first. */
+ if (outbuflen != GCRY_GCM_BLOCK_LEN
+ || !buf_eq_const (outbuf, c->u_mode.gcm.u_tag.tag,
+ GCRY_GCM_BLOCK_LEN))
+ return GPG_ERR_CHECKSUM;
}
return 0;
commit 489831a7299b461740f696dabd913eaec03ee16a
Author: Peter Wu <peter at lekensteyn.nl>
Date: Wed Mar 23 03:45:20 2016 +0100
Fix buffer overrun in gettag for GCM
* cipher/cipher-gcm.c: copy a fixed length instead of the user-supplied
number.
--
The outbuflen is used to check the minimum size, the real tag is always
of fixed length.
Signed-off-by: Peter Wu <peter at lekensteyn.nl>
Actually this is not a buffer overrun because we copy not more than
has been allocated for OUTBUF. However a too long OUTBUFLEN accesses
data outside of the source buffer. -wk
diff --git a/cipher/cipher-gcm.c b/cipher/cipher-gcm.c
index 457e337..f7e840d 100644
--- a/cipher/cipher-gcm.c
+++ b/cipher/cipher-gcm.c
@@ -1148,12 +1148,12 @@ _gcry_cipher_gcm_tag (gcry_cipher_hd_t c,
if (!check)
{
- memcpy (outbuf, c->u_mode.gcm.u_tag.tag, outbuflen);
+ memcpy (outbuf, c->u_mode.gcm.u_tag.tag, GCRY_GCM_BLOCK_LEN);
return GPG_ERR_NO_ERROR;
}
else
{
- return buf_eq_const(outbuf, c->u_mode.gcm.u_tag.tag, outbuflen) ?
+ return buf_eq_const(outbuf, c->u_mode.gcm.u_tag.tag, GCRY_GCM_BLOCK_LEN) ?
GPG_ERR_NO_ERROR : GPG_ERR_CHECKSUM;
}
-----------------------------------------------------------------------
Summary of changes:
cipher/cipher-gcm.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
hooks/post-receive
--
The GNU crypto library
http://git.gnupg.org
More information about the Gnupg-commits
mailing list