From a276321dea04eaa0cfc80c56e8faca4b8ded0b7a Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Thu, 10 May 2018 22:44:03 +0200
Subject: stupidgcm: return error on too short input instead of panicing

This is what Go GCM does as well.
---
 internal/stupidgcm/stupidgcm.go | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/internal/stupidgcm/stupidgcm.go b/internal/stupidgcm/stupidgcm.go
index 59636c0..82d0323 100644
--- a/internal/stupidgcm/stupidgcm.go
+++ b/internal/stupidgcm/stupidgcm.go
@@ -10,6 +10,7 @@ import "C"
 
 import (
 	"crypto/cipher"
+	"fmt"
 	"log"
 	"unsafe"
 )
@@ -144,12 +145,12 @@ func (g *StupidGCM) Open(dst, iv, in, authData []byte) ([]byte, error) {
 	if len(iv) != ivLen {
 		log.Panicf("Only %d-byte IVs are supported", ivLen)
 	}
-	if len(in) <= tagLen {
-		log.Panic("Input data too short")
-	}
 	if len(g.key) != keyLen {
 		log.Panicf("Wrong key length: %d. Key has been wiped?", len(g.key))
 	}
+	if len(in) <= tagLen {
+		return nil, fmt.Errorf("stupidgcm: input data too short (%d bytes)", len(in))
+	}
 
 	// If the "dst" slice is large enough we can use it as our output buffer
 	outLen := len(in) - tagLen
-- 
cgit v1.2.3