summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@redhat.com>2014-07-22 15:34:51 +0200
committerNikos Mavrogiannopoulos <nmav@redhat.com>2014-07-22 15:34:51 +0200
commit198db9095d6b2ce676f103cfbbe9446c452fa29b (patch)
tree1d0100cc48ab5d959175d0e989a3a89ba2693631
parentd97f6df513058cb785748e79c5376d62866399a0 (diff)
downloadgnutls-198db9095d6b2ce676f103cfbbe9446c452fa29b.tar.gz
Added sanity check on padlock AES IV set.
Diffstat
-rw-r--r--lib/accelerated/x86/aes-gcm-x86-pclmul.c2
-rw-r--r--lib/accelerated/x86/aes-padlock.c3
2 files changed, 4 insertions, 1 deletions
diff --git a/lib/accelerated/x86/aes-gcm-x86-pclmul.c b/lib/accelerated/x86/aes-gcm-x86-pclmul.c
index 1e52a70b18..47a6bfe197 100644
--- a/lib/accelerated/x86/aes-gcm-x86-pclmul.c
+++ b/lib/accelerated/x86/aes-gcm-x86-pclmul.c
@@ -117,7 +117,7 @@ static int aes_gcm_setiv(void *_ctx, const void *iv, size_t iv_size)
struct aes_gcm_ctx *ctx = _ctx;
if (iv_size != GCM_BLOCK_SIZE - 4)
- return GNUTLS_E_INVALID_REQUEST;
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
memset(ctx->gcm.Xi.c, 0, sizeof(ctx->gcm.Xi.c));
memset(ctx->gcm.len.c, 0, sizeof(ctx->gcm.len.c));
diff --git a/lib/accelerated/x86/aes-padlock.c b/lib/accelerated/x86/aes-padlock.c
index 98cdfc274b..bccbd10d92 100644
--- a/lib/accelerated/x86/aes-padlock.c
+++ b/lib/accelerated/x86/aes-padlock.c
@@ -115,6 +115,9 @@ static int aes_setiv(void *_ctx, const void *iv, size_t iv_size)
pce = ALIGN16(&ctx->expanded_key);
+ if (iv_size < 16)
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
memcpy(pce->iv, iv, 16);
return 0;
View Lorry Controller Status