Prevent invalid memory read when AES-CBC decrypting.

The issue happens when the ciphertext is not a multiple of the block size.

BUG=300681

Review URL: https://codereview.chromium.org/25164002

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@226199 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 12 insertions, 3 deletions

diff --git a/crypto/encryptor_nss.cc b/crypto/encryptor_nss.cc
index 280e38b..4aee21f 100644
--- a/crypto/encryptor_nss.cc
+++ b/crypto/encryptor_nss.cc
@@ -95,9 +95,18 @@ bool Encryptor::Decrypt(const base::StringPiece& ciphertext,
   if (!context.get())
     return false;
 
-  return (mode_ == CTR) ?
-      CryptCTR(context.get(), ciphertext, plaintext) :
-      Crypt(context.get(), ciphertext, plaintext);
+  if (mode_ == CTR)
+    return CryptCTR(context.get(), ciphertext, plaintext);
+
+  if (ciphertext.size() % AES_BLOCK_SIZE != 0) {
+    // Decryption will fail if the input is not a multiple of the block size.
+    // PK11_CipherOp has a bug where it will do an invalid memory access before
+    // the start of the input, so avoid calling it. (Possibly NSS bug 921687).
+    plaintext->clear();
+    return false;
+  }
+
+  return Crypt(context.get(), ciphertext, plaintext);
 }
 
 bool Encryptor::Crypt(PK11Context* context,