Prevent stack-buffer-overflow with address sanitizer

srtp/crypto/cipher/aes_gcm_ossl.c

Index: srtp/crypto/cipher/aes_gcm_ossl.c
diff --git a/srtp/crypto/cipher/aes_gcm_ossl.c b/srtp/crypto/cipher/aes_gcm_ossl.c
index dce2a337cb8dd234fbebe3ab6ee770cf629fff52..4bff8dbebc922a9df4dc186b70a08074ce0b7ddd 100644
--- a/srtp/crypto/cipher/aes_gcm_ossl.c
+++ b/srtp/crypto/cipher/aes_gcm_ossl.c
@@ -267,7 +267,9 @@ err_status_t aes_gcm_openssl_set_aad (aes_gcm_ctx_t *c, unsigned char *aad,
      * Set dummy tag, OpenSSL requires the Tag to be set before
      * processing AAD
      */
-    EVP_CIPHER_CTX_ctrl(&c->ctx, EVP_CTRL_GCM_SET_TAG, c->tag_len, aad);
+    unsigned char dummy_tag[GCM_AUTH_TAG_LEN];
+    memset(dummy_tag, 0x0, GCM_AUTH_TAG_LEN);
+    EVP_CIPHER_CTX_ctrl(&c->ctx, EVP_CTRL_GCM_SET_TAG, c->tag_len, &dummy_tag);

[tommi, 2016/07/26 08:47:14]

does sizeof(dummy_tag) have to match c->tag_len?

[joachim, 2016/07/26 09:08:38]

Yes, but it has to be between 1 and 16 bytes (see
https://cs.chromium.org/chromium/src/third_party/boringssl/src/crypto/cipher/...),
so always passing a buffer with "GCM_AUTH_TAG_LEN" (i.e. 16) bytes will work in
any case.

[tommi, 2016/07/26 09:45:09]

Acknowledged.

 
     rv = EVP_Cipher(&c->ctx, NULL, aad, aad_len);
     if (rv != aad_len) {