diff options
| author | David Benjamin <davidben@chromium.org> | 2015-01-27 04:21:26 +0300 |
|---|---|---|
| committer | Adam Langley <agl@google.com> | 2015-01-27 04:38:57 +0300 |
| commit | 36eb7d5fbc841987be3d6272884c07c90328dbb1 (patch) | |
| tree | f7edb0e315f9915034523d89488ab6e554e3a496 /crypto | |
| parent | 53cbd6c8a0064d2958cb759637b2a6bf02f8dd93 (diff) | |
Fix buffer size in aead_test.c.
out2 wasn't sized to account for stateful AEAD open requiring a seal overhead's
worth of scratch space. Also, pass in sizeof(out2) rather than a computed
ciphertext length, so the max_out check would have actually caught this.
Change-Id: Ibe689424f6c8ad550b3a45266699892076e7ba5e
Reviewed-on: https://boringssl-review.googlesource.com/3060
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/cipher/aead_test.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/crypto/cipher/aead_test.c b/crypto/cipher/aead_test.c index dac022fb..310c90c0 100644 --- a/crypto/cipher/aead_test.c +++ b/crypto/cipher/aead_test.c @@ -74,12 +74,16 @@ static unsigned char hex_digit(char h) { } static int run_test_case(const EVP_AEAD *aead, - unsigned char bufs[NUM_TYPES][BUF_MAX], + uint8_t bufs[NUM_TYPES][BUF_MAX], const unsigned int lengths[NUM_TYPES], unsigned int line_no) { EVP_AEAD_CTX ctx; size_t ciphertext_len, plaintext_len; - unsigned char out[BUF_MAX + EVP_AEAD_MAX_OVERHEAD + 1], out2[BUF_MAX]; + uint8_t out[BUF_MAX + EVP_AEAD_MAX_OVERHEAD + 1]; + /* Note: When calling |EVP_AEAD_CTX_open|, the "stateful" AEADs require + * |max_out| be at least |in_len| despite the final output always being + * smaller by at least tag length. */ + uint8_t out2[sizeof(out)]; if (!EVP_AEAD_CTX_init(&ctx, aead, bufs[KEY], lengths[KEY], lengths[TAG], NULL)) { @@ -125,9 +129,7 @@ static int run_test_case(const EVP_AEAD *aead, return 0; } - /* The "stateful" AEADs require |max_out| be |in_len| despite the final - * output always being smaller by at least tag length. */ - int ret = EVP_AEAD_CTX_open(&ctx, out2, &plaintext_len, ciphertext_len, + int ret = EVP_AEAD_CTX_open(&ctx, out2, &plaintext_len, sizeof(out2), bufs[NONCE], lengths[NONCE], out, ciphertext_len, bufs[AD], lengths[AD]); if (lengths[FAILS]) { @@ -159,7 +161,7 @@ static int run_test_case(const EVP_AEAD *aead, /* Garbage at the end isn't ignored. */ out[ciphertext_len] = 0; - if (EVP_AEAD_CTX_open(&ctx, out2, &plaintext_len, ciphertext_len + 1, + if (EVP_AEAD_CTX_open(&ctx, out2, &plaintext_len, sizeof(out2), bufs[NONCE], lengths[NONCE], out, ciphertext_len + 1, bufs[AD], lengths[AD])) { fprintf(stderr, "Decrypted bad data on line %u\n", line_no); @@ -178,7 +180,7 @@ static int run_test_case(const EVP_AEAD *aead, /* Verify integrity is checked. */ out[0] ^= 0x80; - if (EVP_AEAD_CTX_open(&ctx, out2, &plaintext_len, ciphertext_len, bufs[NONCE], + if (EVP_AEAD_CTX_open(&ctx, out2, &plaintext_len, sizeof(out2), bufs[NONCE], lengths[NONCE], out, ciphertext_len, bufs[AD], lengths[AD])) { fprintf(stderr, "Decrypted bad data on line %u\n", line_no); |