Skip to content

Add sz check to ChachaAEADDecrypt to prevent potential underflow.#10125

Open
kareem-wolfssl wants to merge 1 commit intowolfSSL:masterfrom
kareem-wolfssl:zd21521
Open

Add sz check to ChachaAEADDecrypt to prevent potential underflow.#10125
kareem-wolfssl wants to merge 1 commit intowolfSSL:masterfrom
kareem-wolfssl:zd21521

Conversation

@kareem-wolfssl
Copy link
Copy Markdown
Contributor

@kareem-wolfssl kareem-wolfssl commented Apr 2, 2026

Description

Fixes zd#21521

Thanks to Zou Dikai for the report.

Testing

Built in tests

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • Updated manual and documentation

@kareem-wolfssl kareem-wolfssl self-assigned this Apr 2, 2026
Copilot AI review requested due to automatic review settings April 2, 2026 23:44
Copilot AI reviewed Apr 2, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds an input-size guard in ChachaAEADDecrypt to prevent sz - aead_mac_size from underflowing when the ciphertext is shorter than the authentication tag, addressing zd#21521.

Changes:

  • Initialize msgLen defensively before computing it.
  • Add an early-return check for sz < ssl->specs.aead_mac_size to avoid underflow.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@kareem-wolfssl kareem-wolfssl

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kareem-wolfssl