Check the plaintext buffer is large enough when decrypting SM2

Previously there was no check that the supplied buffer was large enough. It was just assumed to be sufficient. Instead we should check and fail if not. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
author: Matt Caswell <matt@openssl.org> 2021-08-13 17:58:21 +0200
committer: Matt Caswell <matt@openssl.org> 2021-08-24 15:22:07 +0200
commit: ad1ca777f9702f355a2f74dc5eed713476825f23 (patch)
tree: 2c31595c82dc9aa3757f2d3bb9209152694f61a9 /crypto
parent: Extend tests for SM2 decryption (diff)
download: openssl-ad1ca777f9702f355a2f74dc5eed713476825f23.tar.xz
openssl-ad1ca777f9702f355a2f74dc5eed713476825f23.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/crypto/sm2/sm2_crypt.c b/crypto/sm2/sm2_crypt.c
index 2c7264e42b..e26b48390a 100644
--- a/crypto/sm2/sm2_crypt.c
+++ b/crypto/sm2/sm2_crypt.c
@@ -312,6 +312,10 @@ int ossl_sm2_decrypt(const EC_KEY *key,
     C2 = sm2_ctext->C2->data;
     C3 = sm2_ctext->C3->data;
     msg_len = sm2_ctext->C2->length;
+    if (*ptext_len < (size_t)msg_len) {
+        SM2err(SM2_F_SM2_DECRYPT, SM2_R_BUFFER_TOO_SMALL);
+        goto done;
+    }
 
     ctx = BN_CTX_new_ex(libctx);
     if (ctx == NULL) {
author	Matt Caswell <matt@openssl.org>	2021-08-13 17:58:21 +0200
committer	Matt Caswell <matt@openssl.org>	2021-08-24 15:22:07 +0200
commit	ad1ca777f9702f355a2f74dc5eed713476825f23 (patch)
tree	2c31595c82dc9aa3757f2d3bb9209152694f61a9 /crypto
parent	Extend tests for SM2 decryption (diff)
download	openssl-ad1ca777f9702f355a2f74dc5eed713476825f23.tar.xz openssl-ad1ca777f9702f355a2f74dc5eed713476825f23.zip