Check the plaintext buffer is large enough when decrypting SM2

Previously there was no check that the supplied buffer was large enough. It was just assumed to be sufficient. Instead we should check and fail if not. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
2021-08-13 16:58:21 +01:00 · 2021-08-13 16:58:21 +01:00 · ad1ca777f9
commit ad1ca777f9
parent d07036b98d
1 changed files with 4 additions and 0 deletions
--- a/crypto/sm2/sm2_crypt.c
+++ b/crypto/sm2/sm2_crypt.c
@ -312,6 +312,10 @@ int ossl_sm2_decrypt(const EC_KEY *key,
    C2 = sm2_ctext->C2->data;
    C3 = sm2_ctext->C3->data;
    msg_len = sm2_ctext->C2->length;
+    if (*ptext_len < (size_t)msg_len) {
+        SM2err(SM2_F_SM2_DECRYPT, SM2_R_BUFFER_TOO_SMALL);
+        goto done;
+    }

    ctx = BN_CTX_new_ex(libctx);
    if (ctx == NULL) {