From 7246ab50dae2c2a8dbb5b49d9b774b050fa1c55d Mon Sep 17 00:00:00 2001
From: Karel Miko <karel.miko@gmail.com>
Date: Fri, 24 Feb 2017 21:22:53 +0100
Subject: [PATCH] fix coverity finding: cbc_decrypt out-of-bound read

---
 src/modes/cbc/cbc_decrypt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/modes/cbc/cbc_decrypt.c b/src/modes/cbc/cbc_decrypt.c
index fb67cb8..5948f21 100644
--- a/src/modes/cbc/cbc_decrypt.c
+++ b/src/modes/cbc/cbc_decrypt.c
@@ -45,7 +45,7 @@ int cbc_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s
    }
 
    /* is blocklen valid? */
-   if (cbc->blocklen < 1 || cbc->blocklen > (int)sizeof(cbc->IV)) {
+   if (cbc->blocklen < 1 || cbc->blocklen > (int)sizeof(cbc->IV) || cbc->blocklen > (int)sizeof(tmp)) {
       return CRYPT_INVALID_ARG;
    }