fix a length check and add some missing length checks

author: Hubert Chathi <hubert@uhoreg.ca> 2018-05-31 16:41:06 -0400
committer: Hubert Chathi <hubert@uhoreg.ca> 2018-06-27 12:14:19 -0400
commit: ddc981c475ba576ae22617886ac6ce6d22ba1fc6 (patch)
tree: 121b66f8fd37f5f3480d4e1e643a6320121881d0 /src
parent: 6d86835421c79a61d893f7709b6509b8d63847f4 (diff)
1 files changed, 9 insertions, 2 deletions
diff --git a/src/cipher.cpp b/src/cipher.cpp
index 6b53690..2312b84 100644
--- a/src/cipher.cpp
+++ b/src/cipher.cpp
@@ -70,8 +70,9 @@ size_t aes_sha_256_cipher_encrypt(
 ) {
     auto *c = reinterpret_cast<const _olm_cipher_aes_sha_256 *>(cipher);
 
-    if (aes_sha_256_cipher_encrypt_ciphertext_length(cipher, plaintext_length)
-            < ciphertext_length) {
+    if (ciphertext_length
+            < aes_sha_256_cipher_encrypt_ciphertext_length(cipher, plaintext_length)
+            || output_length < MAC_LENGTH) {
         return std::size_t(-1);
     }
 
@@ -109,6 +110,12 @@ size_t aes_sha_256_cipher_decrypt(
     uint8_t const * ciphertext, size_t ciphertext_length,
     uint8_t * plaintext, size_t max_plaintext_length
 ) {
+    if (max_plaintext_length
+            < aes_sha_256_cipher_decrypt_max_plaintext_length(cipher, ciphertext_length)
+            || input_length < MAC_LENGTH) {
+        return std::size_t(-1);
+    }
+
     auto *c = reinterpret_cast<const _olm_cipher_aes_sha_256 *>(cipher);
 
     DerivedKeys keys;
author	Hubert Chathi <hubert@uhoreg.ca>	2018-05-31 16:41:06 -0400
committer	Hubert Chathi <hubert@uhoreg.ca>	2018-06-27 12:14:19 -0400
commit	ddc981c475ba576ae22617886ac6ce6d22ba1fc6 (patch)
tree	121b66f8fd37f5f3480d4e1e643a6320121881d0 /src
parent	6d86835421c79a61d893f7709b6509b8d63847f4 (diff)