Don't call _gnutls_cipher_encrypt2 with textlen = 0 in _gnutls_auth_cipher_encrypt2_tag

If the plaintext is shorter than the block size of the used cipher,
_gnutls_auth_cipher_encrypt2_tag calls _gnutls_cipher_encrypt2 with
textlen = 0. By definition _gnutls_cipher_encrypt2 does nothing in this
case and thus does not need to be called.

diff --git a/lib/gnutls_cipher_int.c b/lib/gnutls_cipher_int.c
index 31b608c46fcc5483b5be57706c4cf87db4a61646..3368bae5b4c9b5058c9471887e5e295b08616b7e 100644 (file)
--- a/lib/gnutls_cipher_int.c
+++ b/lib/gnutls_cipher_int.c
@@ -266,17 +266,19 @@ int _gnutls_auth_cipher_encrypt2_tag(auth_cipher_hd_st * handle,
                                return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
 
                        l = (textlen / blocksize) * blocksize;
-                       ret =
-                           _gnutls_cipher_encrypt2(&handle->cipher, text,
+                       if (l > 0) {
+                               ret =
+                               _gnutls_cipher_encrypt2(&handle->cipher, text,
                                                    l, ciphertext,
                                                    ciphertextlen);
-                       if (ret < 0)
-                               return gnutls_assert_val(ret);
+                               if (ret < 0)
+                                       return gnutls_assert_val(ret);
 
-                       textlen -= l;
-                       text += l;
-                       ciphertext += l;
-                       ciphertextlen -= l;
+                               textlen -= l;
+                               text += l;
+                               ciphertext += l;
+                               ciphertextlen -= l;
+                       }
 
                        if (ciphertext != text && textlen > 0)
                                memcpy(ciphertext, text, textlen);