From a7b32867ddf8079e3bf02cc3983db091a95a3533 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 7 Jul 2020 01:15:06 -0400
Subject: [PATCH] Add sanity check to
 AuthenticatedSymmetricCipherBase::TruncatedFinal (GH #954)

---
 authenc.cpp | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/authenc.cpp b/authenc.cpp
index 2ac9362aa..89a7142dd 100644
--- a/authenc.cpp
+++ b/authenc.cpp
@@ -140,6 +140,9 @@ void AuthenticatedSymmetricCipherBase::ProcessData(byte *outString, const byte *
 
 void AuthenticatedSymmetricCipherBase::TruncatedFinal(byte *mac, size_t macSize)
 {
+	// https://github.com/weidai11/cryptopp/issues/954
+	this->ThrowIfInvalidTruncatedSize(macSize);
+
 	if (m_totalHeaderLength > MaxHeaderLength())
 		throw InvalidArgument(AlgorithmName() + ": header length of " + IntToString(m_totalHeaderLength) + " exceeds the maximum of " + IntToString(MaxHeaderLength()));