From cec59b82f7041a305c228091a84257c28e0818d5 Mon Sep 17 00:00:00 2001
From: Joseph Sutton
Date: Tue, 2 Aug 2022 14:34:26 +1200
Subject: [PATCH] lib:crypto: Check for overflow before filling pauth_tag array

Signed-off-by: Joseph Sutton
Reviewed-by: Andreas Schneider
Reviewed-by: Andrew Bartlett
---
 lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c b/lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c
index a05aa8a323c..fc4d21f4ec5 100644
--- a/lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c
+++ b/lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c
@@ -124,6 +124,14 @@ samba_gnutls_aead_aes_256_cbc_hmac_sha512_encrypt(TALLOC_CTX *mem_ctx,
 * TODO: Use gnutls_cipher_encrypt3()
 */

+ if (hmac_size > 64) {
+ /*
+ * We don't want to overflow 'pauth_tag', which is 64 bytes in
+ * size.
+ */
+ return NT_STATUS_INVALID_BUFFER_SIZE;
+ }
+
 if (plaintext->length + aes_block_size < plaintext->length) {
 return NT_STATUS_INVALID_BUFFER_SIZE;
 }
-- 
2.47.3
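Review bot: The new guard hard-codes the buffer size as `64` in both the condition and the comment, so it will silently go stale if the declaration of `pauth_tag` (outside this hunk) is ever resized. Assuming `pauth_tag` is a fixed-size array local to this function, tie the bound to the object with `if (hmac_size > sizeof(pauth_tag)) {` and reword the comment as `/* 'pauth_tag' is a fixed-size buffer; refuse an HMAC length that would not fit. */`. The body of samba_gnutls_aead_aes_256_cbc_hmac_sha512_encrypt starts and ends outside the hunk, so where `hmac_size` comes from and where the tag is written are not visible here. If the decrypt counterpart copies an HMAC into a similar fixed-size buffer, it would want the same check; this patch touches only the encrypt path.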