From 9f020b17df164cf1df31be7a43806917ccdf1296 Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Thu, 3 Aug 2017 15:00:37 +0200
Subject: [PATCH] limit malloc'ed data in eax_decrypt_verify_memory()
---
 src/encauth/eax/eax_decrypt_verify_memory.c | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/src/encauth/eax/eax_decrypt_verify_memory.c b/src/encauth/eax/eax_decrypt_verify_memory.c
index 4de1a7f..8c6540f 100644
--- a/src/encauth/eax/eax_decrypt_verify_memory.c
+++ b/src/encauth/eax/eax_decrypt_verify_memory.c
@@ -55,6 +55,9 @@ int eax_decrypt_verify_memory(int cipher,
 /* default to zero */
 *stat = 0;
+ /* limit taglen */
+ taglen = MIN(taglen, MAXBLOCKSIZE);
+ /* allocate ram */
 buf = XMALLOC(taglen);
 eax = XMALLOC(sizeof(*eax));
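Review bot: The added `taglen = MIN(taglen, MAXBLOCKSIZE);` bounds the tag length only from above and does so silently, so `taglen == 0` still reaches `XMALLOC(taglen)` unchanged. If the tag comparison later in the function (outside this hunk) is sized by `taglen`, a zero-length tag would compare equal trivially, and an oversized one would be checked only on its first MAXBLOCKSIZE bytes without the caller being told. Rejecting out-of-range values at this point, e.g. `if (taglen == 0 || taglen > MAXBLOCKSIZE) return CRYPT_INVALID_ARG;`, would make both cases explicit; if the clamp is kept for compatibility, the comment should state the reason, e.g. `/* clamp taglen to MAXBLOCKSIZE so the tag buffer allocation stays bounded */`. The body of eax_decrypt_verify_memory begins and ends outside the hunk, so the comparison and cleanup paths could not be checked here.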