summaryrefslogtreecommitdiff
path: root/mysys_ssl/my_crypt.cc
diff options
context:
space:
mode:
Diffstat (limited to 'mysys_ssl/my_crypt.cc')
-rw-r--r--mysys_ssl/my_crypt.cc3
1 files changed, 3 insertions, 0 deletions
diff --git a/mysys_ssl/my_crypt.cc b/mysys_ssl/my_crypt.cc
index a0937a83e17..2ab38711d0f 100644
--- a/mysys_ssl/my_crypt.cc
+++ b/mysys_ssl/my_crypt.cc
@@ -168,6 +168,9 @@ public:
*/
if (!ctx.encrypt)
{
+ /* encrypted string must contain authenticaton tag (see MDEV-11174) */
+ if (slen < MY_AES_BLOCK_SIZE)
+ return MY_AES_BAD_DATA;
slen-= MY_AES_BLOCK_SIZE;
if(!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, MY_AES_BLOCK_SIZE,
(void*)(src + slen)))
View Lorry Controller Status