diff options
Diffstat (limited to 'lib/nettle/cipher.c')
-rw-r--r-- | lib/nettle/cipher.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/lib/nettle/cipher.c b/lib/nettle/cipher.c index 93afca243b..5e3a06a744 100644 --- a/lib/nettle/cipher.c +++ b/lib/nettle/cipher.c @@ -1174,6 +1174,10 @@ wrap_nettle_cipher_aead_decrypt(void *_ctx, ctx->cipher->auth(ctx->ctx_ptr, auth_size, auth); encr_size -= tag_size; + + if (unlikely(plain_size < encr_size)) + return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER); + ctx->cipher->decrypt(ctx, encr_size, plain, encr); ctx->cipher->tag(ctx->ctx_ptr, tag_size, tag); @@ -1183,6 +1187,10 @@ wrap_nettle_cipher_aead_decrypt(void *_ctx, } else { /* CCM-style cipher */ encr_size -= tag_size; + + if (unlikely(plain_size < encr_size)) + return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER); + ret = ctx->cipher->aead_decrypt(ctx, nonce_size, nonce, auth_size, auth, |