Commit 1c7af995 authored by Geoff Simmons's avatar Geoff Simmons

Bugfix: decrypt VFP writes to the record buffer *before* decryption ...

... if insufficient space is available in the output buffer.
parent b49fa488
......@@ -181,6 +181,8 @@ decrypt(struct vfp_ctx *ctx, struct ece *ece, enum vfp_status vp)
int last, expect_last = 0;
unsigned char nonce[NONCE_LEN], *tag;
char errmsg[ERRMSG_LEN];
uint8_t *out;
ptrdiff_t diff;
CHECK_OBJ_NOTNULL(ece, ECE_MAGIC);
CHECK_OBJ_NOTNULL(ece->crypto, ECE_CRYPTO_MAGIC);
......@@ -203,11 +205,20 @@ decrypt(struct vfp_ctx *ctx, struct ece *ece, enum vfp_status vp)
assert(ciphertext_len <= INT_MAX);
tag = stream->next_in + ciphertext_len;
out = stream->next_out;
if (stream->avail_out < ciphertext_len)
out = stream->rec_buf;
/* Check the libcrypto "partially overlapping" error. */
diff = out - stream->next_in;
AZ(ciphertext_len > 0
&& ((diff > 0 && diff < (ptrdiff_t)ciphertext_len)
|| (diff < 0 && (diff > 0 - (ptrdiff_t)ciphertext_len))));
nonce_xor_seq(crypto, nonce);
plaintext_len = decrypt_record(ece->ectx, stream->next_in,
ciphertext_len, tag,
crypto->cek, nonce,
stream->next_out, &last, errmsg);
crypto->cek, nonce, out, &last,
errmsg);
seq_inc(crypto);
if (plaintext_len < 0)
......@@ -219,11 +230,8 @@ decrypt(struct vfp_ctx *ctx, struct ece *ece, enum vfp_status vp)
stream->avail_in -= record_len;
stream->next_in += record_len;
if ((unsigned)plaintext_len > stream->avail_out) {
assert(vp != VFP_END);
if (out == stream->rec_buf) {
assert(plaintext_len <= ece->rs);
memcpy(stream->rec_buf, stream->next_out,
plaintext_len);
stream->rec_next = stream->rec_buf;
stream->rec_avail = plaintext_len;
return (VFP_OK);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment