From: Nikos Mavrogiannopoulos Date: Tue, 22 Jul 2014 13:34:51 +0000 (+0200) Subject: Added sanity check on padlock AES IV set. X-Git-Tag: gnutls_3_3_6~13 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=198db9095d6b2ce676f103cfbbe9446c452fa29b;p=thirdparty%2Fgnutls.git Added sanity check on padlock AES IV set. --- diff --git a/lib/accelerated/x86/aes-gcm-x86-pclmul.c b/lib/accelerated/x86/aes-gcm-x86-pclmul.c index 1e52a70b18..47a6bfe197 100644 --- a/lib/accelerated/x86/aes-gcm-x86-pclmul.c +++ b/lib/accelerated/x86/aes-gcm-x86-pclmul.c @@ -117,7 +117,7 @@ static int aes_gcm_setiv(void *_ctx, const void *iv, size_t iv_size) struct aes_gcm_ctx *ctx = _ctx; if (iv_size != GCM_BLOCK_SIZE - 4) - return GNUTLS_E_INVALID_REQUEST; + return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); memset(ctx->gcm.Xi.c, 0, sizeof(ctx->gcm.Xi.c)); memset(ctx->gcm.len.c, 0, sizeof(ctx->gcm.len.c)); diff --git a/lib/accelerated/x86/aes-padlock.c b/lib/accelerated/x86/aes-padlock.c index 98cdfc274b..bccbd10d92 100644 --- a/lib/accelerated/x86/aes-padlock.c +++ b/lib/accelerated/x86/aes-padlock.c @@ -115,6 +115,9 @@ static int aes_setiv(void *_ctx, const void *iv, size_t iv_size) pce = ALIGN16(&ctx->expanded_key); + if (iv_size < 16) + return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); + memcpy(pce->iv, iv, 16); return 0;