lib/accelerated: rearranged several size checks to avoid overflow

Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

diff --git a/lib/accelerated/afalg.c b/lib/accelerated/afalg.c
index 6348e3f19715cfd04d7f0f6a8dbfcb7c7bb87bef..03a8e957b5d334fdd02d8104f6fac3c5b0f74794 100644 (file)
--- a/lib/accelerated/afalg.c
+++ b/lib/accelerated/afalg.c
@@ -421,7 +421,7 @@ static int afalg_aead_encrypt(void *_ctx, const void *nonce, size_t nonce_size,
                return GNUTLS_E_MEMORY_ERROR;
        }
 
-       if (encr_size < plain_size + tag_size) {
+       if (encr_size - tag_size < plain_size) {
                ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
                gnutls_assert();
                goto end;

diff --git a/lib/accelerated/cryptodev-gcm.c b/lib/accelerated/cryptodev-gcm.c
index a847f821c48c0d8c23fd2ce0d9d7451df11671ca..d75ea45b9051bcbf8033a6f183d41c114423bef3 100644 (file)
--- a/lib/accelerated/cryptodev-gcm.c
+++ b/lib/accelerated/cryptodev-gcm.c
@@ -137,7 +137,7 @@ aes_gcm_encrypt(void *_ctx, const void *src, size_t src_size,
        /* the GCM in kernel will place the tag after the
         * encrypted data.
         */
-       if (dst_size < src_size + GCM_BLOCK_SIZE)
+       if (dst_size - GCM_BLOCK_SIZE < src_size)
                return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
 
        ctx->cryp.len = src_size;

diff --git a/lib/accelerated/x86/aes-gcm-aead.h b/lib/accelerated/x86/aes-gcm-aead.h
index 3f473b51d5e0ca3918d8a428b3504fb1a44ebc42..a16563e1c57ebf8b5226e99b57561843a47eefd9 100644 (file)
--- a/lib/accelerated/x86/aes-gcm-aead.h
+++ b/lib/accelerated/x86/aes-gcm-aead.h
@@ -10,7 +10,7 @@ aes_gcm_aead_encrypt(void *ctx,
                        void *encr, size_t encr_size)
 {
        /* proper AEAD cipher */
-       if (unlikely(encr_size < plain_size + tag_size))
+       if (unlikely(encr_size - tag_size < plain_size))
                return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
 
        aes_gcm_setiv(ctx, nonce, nonce_size);