From 82154338d542d69ced2607bf4b60d4cab93f9a26 Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Mon, 8 Apr 2024 11:17:34 +0200
Subject: [PATCH] Cryptlib/OpenSSL/crypto/cmac/cmac.c: fix overflow

Check that bl - 1 is not negative to fix the following k1 stringop-overflow:

In function 'make_kn',
    inlined from 'make_kn' at crypto/cmac/cmac.c:81:13,
    inlined from 'CMAC_Init' at crypto/cmac/cmac.c:205:9:
crypto/cmac/cmac.c:92:20: error: writing 1 byte into a region of size 0 [-Werror=stringop-overflow=]
   92 |         k1[bl - 1] ^= bl == 16 ? 0x87 : 0x1b;
      |         ~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~
crypto/cmac/cmac.c: In function 'CMAC_Init':
crypto/cmac/cmac.c:69:19: note: at offset [-2147483649, -1] into destination object 'k1' of size 32
   69 |     unsigned char k1[EVP_MAX_BLOCK_LENGTH];
      |                   ^~

Fixes:
 - http://autobuild.buildroot.org/results/97b6333cdc7bad24aba7af1b04890679e0058299

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
 Cryptlib/OpenSSL/crypto/cmac/cmac.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Cryptlib/OpenSSL/crypto/cmac/cmac.c b/Cryptlib/OpenSSL/crypto/cmac/cmac.c
index 2954b6eb7..621ebdf44 100644
--- a/Cryptlib/OpenSSL/crypto/cmac/cmac.c
+++ b/Cryptlib/OpenSSL/crypto/cmac/cmac.c
@@ -88,7 +88,7 @@ static void make_kn(unsigned char *k1, unsigned char *l, int bl)
             k1[i] |= 1;
     }
     /* If MSB set fixup with R */
-    if (l[0] & 0x80)
+    if (((bl - 1) >= 0) && (l[0] & 0x80))
         k1[bl - 1] ^= bl == 16 ? 0x87 : 0x1b;
 }