Merge pull request #275 from vansante/aes-codec

AES: Add guard for data length to prevent panicking
asdine · Jul 21, 2020 · 29fe831 · 29fe831
2 parents 6d24484 + 14d135a
commit 29fe831
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/codec/aes/aes.go b/codec/aes/aes.go
@@ -62,6 +62,10 @@ func (c *AES) Marshal(v interface{}) ([]byte, error) {
 // Unmarshal unmarshals the given encrypted byte array to the given type
 func (c *AES) Unmarshal(data []byte, v interface{}) error {
 	nonceSize := c.aesGCM.NonceSize()
+	if len(data) < nonceSize {
+		return fmt.Errorf("not enough data for aes decryption (%d < %d)", len(data), nonceSize)
+	}
+
 	decrypted, err := c.aesGCM.Open(nil, data[:nonceSize], data[nonceSize:], nil)
 	if err != nil {
 		return fmt.Errorf("error decrypting data: %w", err)