Add sz check to ChachaAEADDecrypt to prevent potential underflow.

Thanks to Zou Dikai for the report.
This commit is contained in:
Kareem
2026-04-02 16:41:55 -07:00
parent 14dbba7b21
commit 5b6b138964
+6 -1
View File
@@ -20000,10 +20000,15 @@ int ChachaAEADDecrypt(WOLFSSL* ssl, byte* plain, const byte* input,
byte tag[POLY1305_AUTH_SZ];
byte poly[CHACHA20_256_KEY_SIZE]; /* generated key for mac */
int ret = 0;
int msgLen = (sz - ssl->specs.aead_mac_size);
int msgLen = 0;
Keys* keys = &ssl->keys;
byte* seq = NULL;
if (sz < ssl->specs.aead_mac_size) {
return BAD_FUNC_ARG;
}
msgLen = (sz - ssl->specs.aead_mac_size);
#ifdef CHACHA_AEAD_TEST
int i;
printf("input before decrypt :\n");