Add args checking to GCM mode

2026-05-07 08:56:17 +08:00 · 2022-07-31 18:08:46 +08:00
parent 9119293ea2
commit 28ccbe57cc
4 changed files with 14 additions and 0 deletions
--- a/src/aes_modes.c
+++ b/src/aes_modes.c
@@ -170,6 +170,11 @@ int aes_gcm_encrypt(const AES_KEY *key, const uint8_t *iv, size_t ivlen,
 	uint8_t Y[16];
 	uint8_t T[16];

+	if (taglen > AES_GCM_MAX_TAG_SIZE) {
+		error_print();
+		return -1;
+	}
+
 	aes_encrypt(key, H, H);

 	if (ivlen == 12) {
--- a/src/sm4_modes.c
+++ b/src/sm4_modes.c
@@ -166,6 +166,11 @@ int sm4_gcm_encrypt(const SM4_KEY *key, const uint8_t *iv, size_t ivlen,
 	uint8_t Y[16];
 	uint8_t T[16];

+	if (taglen > SM4_GCM_MAX_TAG_SIZE) {
+		error_print();
+		return -1;
+	}
+
 	sm4_encrypt(key, H, H);

 	if (ivlen == 12) {