From 10ae275fd54e600c08ee330eaf9738aa476e0ca4 Mon Sep 17 00:00:00 2001 From: Vitaly Chikunov Date: Thu, 2 Aug 2018 16:59:14 +0300 Subject: [PATCH] Fix possible overflow of digest result writing Openssl is already have output result size in EVP_MD.md_size We should not exceed its value when writing digest output. This should be fixed more consistently, probably, by removing dgst_size from OMAC_CTX. --- compat.h | 5 +++++ gost_omac.c | 5 ++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/compat.h b/compat.h index 91afcf5..29a2ad3 100644 --- a/compat.h +++ b/compat.h @@ -252,6 +252,11 @@ static inline int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize) return 1; } +static int EVP_MD_meth_get_result_size(const EVP_MD *md) +{ + return md->md_size; +} + static inline int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize) { md->block_size = blocksize; diff --git a/gost_omac.c b/gost_omac.c index af6eb2a..d1f897a 100644 --- a/gost_omac.c +++ b/gost_omac.c @@ -7,6 +7,8 @@ #include "e_gost_err.h" #include "gost_lcl.h" +#define min(a,b) (((a) < (b)) ? (a) : (b)) + typedef struct omac_ctx { CMAC_CTX *cmac_ctx; size_t dgst_size; @@ -71,7 +73,8 @@ int omac_imit_final(EVP_MD_CTX *ctx, unsigned char *md) CMAC_Final(c->cmac_ctx, mac, &mac_size); - memcpy(md, mac, c->dgst_size); + int md_size = EVP_MD_meth_get_result_size(EVP_MD_CTX_md(ctx)); + memcpy(md, mac, min(md_size, c->dgst_size)); return 1; } -- 2.39.5