From a630fda5093859b58f059ee07f2b9ce28c928b72 Mon Sep 17 00:00:00 2001
From: kaleb-himes <kaleb@wolfssl.com>
Date: Thu, 29 Sep 2016 12:30:53 -0600
Subject: [PATCH] Sanity check on memcpy and xorbuf

Sanity check on memcpy and xorbuf
---
 wolfcrypt/src/aes.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c
index bb660cefd..d07c66d5e 100644
--- a/wolfcrypt/src/aes.c
+++ b/wolfcrypt/src/aes.c
@@ -3425,6 +3425,8 @@ static void GHASH(Aes* aes, const byte* a, word32 aSz,
     GMULT(x, h);
 
     /* Copy the result into s. */
+    if (sSz > AES_BLOCK_SIZE)
+        sSz = AES_BLOCK_SIZE;
     XMEMCPY(s, x, sSz);
 }
 
@@ -3573,6 +3575,8 @@ static void GHASH(Aes* aes, const byte* a, word32 aSz,
     GMULT(x, aes->M0);
 
     /* Copy the result into s. */
+    if (sSz > AES_BLOCK_SIZE)
+        sSz = AES_BLOCK_SIZE;
     XMEMCPY(s, x, sSz);
 }
 
@@ -3697,6 +3701,8 @@ static void GHASH(Aes* aes, const byte* a, word32 aSz,
     #ifdef LITTLE_ENDIAN_ORDER
         ByteReverseWords64(x, x, AES_BLOCK_SIZE);
     #endif
+    if (sSz > AES_BLOCK_SIZE)
+        sSz = AES_BLOCK_SIZE;
     XMEMCPY(s, x, sSz);
 }
 
@@ -3844,6 +3850,8 @@ static void GHASH(Aes* aes, const byte* a, word32 aSz,
     #ifdef LITTLE_ENDIAN_ORDER
         ByteReverseWords(x, x, AES_BLOCK_SIZE);
     #endif
+    if (sSz > AES_BLOCK_SIZE)
+        sSz = AES_BLOCK_SIZE;
     XMEMCPY(s, x, sSz);
 }
 
@@ -3914,6 +3922,8 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
 
     GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz);
     wc_AesEncrypt(aes, initialCounter, scratch);
+    if (authTagSz > AES_BLOCK_SIZE)
+        authTagSz = AES_BLOCK_SIZE;
     xorbuf(authTag, scratch, authTagSz);
 
     return 0;