On Thu, Sep 07, 2017 at 07:48:53AM +0200, Stephan Müller wrote:
>
> There is already such check:
>
> static inline int crypto_aead_decrypt(struct aead_request *req)
> {
> struct crypto_aead *aead = crypto_aead_reqtfm(req);
>
> if (req->cryptlen < crypto_aead_authsize(aead))
> return -EINVAL;
> ...
That doesn't check assoclen, does it?
> > Perhaps we can simply
> > truncate assoclen in aead_request_set_ad.
>
> I am not sure that would work because at the time we set the AAD len, we may
> not yet have cryptlen. I.e. aead_request_set_ad may be called before
> aead_request_set_crypt.
We can add the truncation in both places.
Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
