#833205 libcrypto++6: Assertion fails in cmac.cpp line 60

#833205#5
Date:
2016-08-02 01:09:39 UTC
From:
To:
Dear Maintainer,

The code in cmac.cpp CMAC_Base::Update() has an assertion that fails
if a zero-length section is passed into it.  Zero is meant to work:
there's a guard for zero length just after the assertion.


Swapping the assertion and the guard allows correct behaviour.

diff -u -r libcrypto++-5.6.3/cmac.cpp libcrypto++-5.6.3-local/cmac.cpp
--- libcrypto++-5.6.3/cmac.cpp	2015-11-14 00:04:22.000000000 +1100
+++ libcrypto++-5.6.3-local/cmac.cpp	2016-08-02 10:49:51.659422114 +1000
@@ -57,9 +57,9 @@

 void CMAC_Base::Update(const byte *input, size_t length)
 {
-	assert((input && length) || !(input || length));
 	if (!length)
 		return;
+	assert((input && length) || !(input || length));

 	BlockCipher &cipher = AccessCipher();
 	unsigned int blockSize = cipher.BlockSize();