encrypted-payload: Check for non-zero payload size

author Markus Theil <markus.theil@secunet.com>

Thu, 9 Apr 2026 10:17:33 +0000 (12:17 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Mon, 13 Apr 2026 13:12:55 +0000 (15:12 +0200)
author Markus Theil <markus.theil@secunet.com>
Thu, 9 Apr 2026 10:17:33 +0000 (12:17 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Mon, 13 Apr 2026 13:12:55 +0000 (15:12 +0200)
diff --git a/src/libcharon/encoding/payloads/encrypted_payload.c b/src/libcharon/encoding/payloads/encrypted_payload.c

index 4821c6108ed94b1a1fa8b47c3b886d01c216ebfa..4ac7aba94e93f738fb19256d20b5ead393c511f6 100644 (file)
--- a/src/libcharon/encoding/payloads/encrypted_payload.c
+++ b/src/libcharon/encoding/payloads/encrypted_payload.c
@@ -637,7 +637,7 @@ static status_t decrypt_content(char *label, aead_t *aead, chunk_t encrypted,
         crypt.ptr = iv.ptr + iv.len;
         crypt.len = encrypted.len - iv.len;
  
-       if (iv.len + icv.len > encrypted.len ||
+       if (iv.len + icv.len >= encrypted.len ||
                 (crypt.len - icv.len) % bs)
         {
                 DBG1(DBG_ENC, "decrypting %s payload failed, invalid length", label);
author	Markus Theil <markus.theil@secunet.com>
	Thu, 9 Apr 2026 10:17:33 +0000 (12:17 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Mon, 13 Apr 2026 13:12:55 +0000 (15:12 +0200)