openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

Check the plaintext buffer is large enough when decrypting SM2 

Previously there was no check that the supplied buffer was large enough.
It was just assumed to be sufficient. Instead we should check and fail if
not.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
This commit is contained in:
Matt Caswell 2021-08-13 16:58:21 +01:00
parent d07036b98d
commit ad1ca777f9
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
crypto/sm2/sm2_crypt.c
View File

@ -312,6 +312,10 @@ int ossl_sm2_decrypt(const EC_KEY *key,
C2 = sm2_ctext->C2->data;
C3 = sm2_ctext->C3->data;
msg_len = sm2_ctext->C2->length;
if (*ptext_len < (size_t)msg_len) {
SM2err(SM2_F_SM2_DECRYPT, SM2_R_BUFFER_TOO_SMALL);
goto done;
}
ctx = BN_CTX_new_ex(libctx);
if (ctx == NULL) {