From e2fd9b50b051176bc9fc27ecbc752d95d22b9959 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Wed, 8 May 2019 14:18:25 +0000
Subject: Make sure that the tag buffer size is equal to the tag size in
 CRYPTO_ccm128_tag(). Otherwise the caller might end up using the part of the
 tag buffer that was left uninitialized.

Issue found by Guido Vranken.

ok inoguchi
---
 src/lib/libcrypto/modes/ccm128.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/modes/ccm128.c b/src/lib/libcrypto/modes/ccm128.c
index 58cc4f44c6..12c6e61659 100644
--- a/src/lib/libcrypto/modes/ccm128.c
+++ b/src/lib/libcrypto/modes/ccm128.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ccm128.c,v 1.4 2015/02/10 09:46:30 miod Exp $ */
+/* $OpenBSD: ccm128.c,v 1.5 2019/05/08 14:18:25 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
  *
@@ -435,7 +435,7 @@ size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx,unsigned char *tag,size_t len)
 {	unsigned int M = (ctx->nonce.c[0]>>3)&7;	/* the M parameter */
 
 	M *= 2; M += 2;
-	if (len<M)	return 0;
+	if (len != M)	return 0;
 	memcpy(tag,ctx->cmac.c,M);
 	return M;
 }
-- 
cgit v1.2.3-55-g6feb