You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
OpenSSL function call at aes_gcm_ossl.c:261 can sometimes read more than is pointed by aad function argument. For example, if called from srtp.c:2415. In this case tseq is 4 bytes long, but 8 bytes is read.
Fix could be to use aad_len instead of c->tag_len when calling EVP_CIPHER_CTX_ctrl, but I'm not sure about it.
The text was updated successfully, but these errors were encountered:
Based on my understanding of OpenSSL, this is benign. Line 261 is simply setting the tag length for the upcoming decrypt operation, which is specified by c->tag_len. While the OpenSSL code does read from memory pointed by by *aad, the data that is read is irrelevant. The true processing on *aad is done on line 263 during the call to EVP_Cipher(). This is one of the joys of working with the OpenSSL API. Work with it enough and one will learn to dislike it.
OpenSSL function call at aes_gcm_ossl.c:261 can sometimes read more than is pointed by aad function argument. For example, if called from srtp.c:2415. In this case tseq is 4 bytes long, but 8 bytes is read.
Fix could be to use aad_len instead of c->tag_len when calling EVP_CIPHER_CTX_ctrl, but I'm not sure about it.
The text was updated successfully, but these errors were encountered: