From bf4b5ed7a4e02358cb008bb43c20f5f3c309b7c1 Mon Sep 17 00:00:00 2001
From: Chien Wong <m@xv97.com>
Date: Mon, 22 Jan 2024 20:43:54 +0800
Subject: [PATCH] Add back restriction on AD length of GCM

Fixes: bd513bb53d80276431161e5a64a2ae61740c4e68
Signed-off-by: Chien Wong <m@xv97.com>
---
 library/gcm.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/library/gcm.c b/library/gcm.c
index c677ca4d70..b31003f835 100644
--- a/library/gcm.c
+++ b/library/gcm.c
@@ -354,9 +354,12 @@ int mbedtls_gcm_update_ad(mbedtls_gcm_context *ctx,
 {
     const unsigned char *p;
     size_t use_len, offset;
+    uint64_t new_add_len;
 
-    /* IV is limited to 2^64 bits, so 2^61 bytes */
-    if ((uint64_t) add_len >> 61 != 0) {
+    /* AD is limited to 2^64 bits, ie 2^61 bytes
+     * Also check for possible overflow */
+    new_add_len = ctx->add_len + add_len;
+    if (new_add_len < ctx->add_len || new_add_len >> 61 != 0) {
         return MBEDTLS_ERR_GCM_BAD_INPUT;
     }