Check the plaintext buffer is large enough when decrypting SM2

mattcaswell · mattcaswell · commit ad1ca777f970 · 2021-08-24T14:22:07.000+01:00
Previously there was no check that the supplied buffer was large enough.
It was just assumed to be sufficient. Instead we should check and fail if
not.

Reviewed-by: Paul Dale &lt;pauli@openssl.org&gt;
Reviewed-by: Nicola Tuveri &lt;nic.tuv@gmail.com&gt;
diff --git a/crypto/sm2/sm2_crypt.c b/crypto/sm2/sm2_crypt.c
@@ -312,6 +312,10 @@ int ossl_sm2_decrypt(const EC_KEY *key,
     C2 = sm2_ctext->C2->data;
     C3 = sm2_ctext->C3->data;
     msg_len = sm2_ctext->C2->length;
+    if (*ptext_len < (size_t)msg_len) {
+        SM2err(SM2_F_SM2_DECRYPT, SM2_R_BUFFER_TOO_SMALL);
+        goto done;
+    }
 
     ctx = BN_CTX_new_ex(libctx);
     if (ctx == NULL) {

Original file line number	Original file line	Diff line number	Diff line change
`@@ -312,6 +312,10 @@ int ossl_sm2_decrypt(const EC_KEY *key,`
`312`	`C2 = sm2_ctext->C2->data;`	`312`	`C2 = sm2_ctext->C2->data;`
`313`	`C3 = sm2_ctext->C3->data;`	`313`	`C3 = sm2_ctext->C3->data;`
`314`	`msg_len = sm2_ctext->C2->length;`	`314`	`msg_len = sm2_ctext->C2->length;`
		`315`	`+ if (*ptext_len < (size_t)msg_len) {`
		`316`	`+ SM2err(SM2_F_SM2_DECRYPT, SM2_R_BUFFER_TOO_SMALL);`
		`317`	`+ goto done;`
		`318`	`+ }`
`315`		`319`
`316`	`ctx = BN_CTX_new_ex(libctx);`	`320`	`ctx = BN_CTX_new_ex(libctx);`
`317`	`if (ctx == NULL) {`	`321`	`if (ctx == NULL) {`