Fix possible buffer overread in psa_mac_finish_internal (CMAC)

commit: 87b0ac49f8a07bb887cac0e6189232bcfe7f6fe8 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Tue Aug 21 14:55:49 2018 +0200
committer: Gilles Peskine <Gilles.Peskine@arm.com> Wed Oct 17 13:54:47 2018 +0200
tree: 2768e1326b2f9c6827b8fa2b043031b9ac3bebbd
parent: 6d72ff9e7935dc1861c1fbfd25a847456289bcef [diff]
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 0aa19cf..410f648 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c

@@ -1738,7 +1738,7 @@
         uint8_t tmp[PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE];
         int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, tmp );
         if( ret == 0 )
-            memcpy( mac, tmp, mac_size );
+            memcpy( mac, tmp, operation->mac_size );
         mbedtls_zeroize( tmp, sizeof( tmp ) );
         return( mbedtls_to_psa_error( ret ) );
     }
commit	87b0ac49f8a07bb887cac0e6189232bcfe7f6fe8	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Tue Aug 21 14:55:49 2018 +0200
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Wed Oct 17 13:54:47 2018 +0200
tree	2768e1326b2f9c6827b8fa2b043031b9ac3bebbd
parent	6d72ff9e7935dc1861c1fbfd25a847456289bcef [diff]