diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-05-28 00:22:57 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-05-28 00:22:57 +0200 |
| commit | 0665b9e95a18cf69dca69d9fe40eb4775486a81a (patch) | |
| tree | 9ea6fc79bffe9984b0e6129f53d53be300604393 /lib/gnutls_cipher_int.c | |
| parent | 5e4d7f6db467007f2932a1904bf202e0d806e37a (diff) | |
| download | gnutls-0665b9e95a18cf69dca69d9fe40eb4775486a81a.tar.gz | |
Eliminated memory copy on decryption.
Diffstat (limited to 'lib/gnutls_cipher_int.c')
| -rw-r--r-- | lib/gnutls_cipher_int.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/lib/gnutls_cipher_int.c b/lib/gnutls_cipher_int.c index 79d71fe4ad..fb54be0821 100644 --- a/lib/gnutls_cipher_int.c +++ b/lib/gnutls_cipher_int.c @@ -280,6 +280,9 @@ int _gnutls_auth_cipher_decrypt2 (auth_cipher_hd_st * handle, { int ret; + if (unlikely(ciphertextlen > textlen)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + if (handle->non_null != 0) { ret = _gnutls_cipher_decrypt2(&handle->cipher, ciphertext, ciphertextlen, @@ -287,16 +290,18 @@ int ret; if (ret < 0) return gnutls_assert_val(ret); } + else if (handle->non_null == 0 && text != ciphertext) + memcpy(text, ciphertext, ciphertextlen); if (handle->is_mac) { /* The MAC is not to be hashed */ - textlen -= handle->tag_size; + ciphertextlen -= handle->tag_size; if (handle->ssl_hmac) - return _gnutls_hash(&handle->mac.dig, text, textlen); + return _gnutls_hash(&handle->mac.dig, text, ciphertextlen); else - return _gnutls_mac(&handle->mac.mac, text, textlen); + return _gnutls_mac(&handle->mac.mac, text, ciphertextlen); } return 0; |