From aa2ae5642b766c3841345397f090b892a27b4896 Mon Sep 17 00:00:00 2001
From: Frank Denis
Date: Wed, 27 Jan 2016 14:42:32 +0100
Subject: [PATCH] aes256gcm_encrypt_afternm() - abort() if mlen > 2^39-256 bits
---
 .../crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libsodium/crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c b/src/libsodium/crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c
index 71f33654..92f068f6 100644
--- a/src/libsodium/crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c
+++ b/src/libsodium/crypto_aead/aes256gcm/aesni/aead_aes256gcm_aesni.c
@@ -527,7 +527,7 @@ crypto_aead_aes256gcm_encrypt_afternm(unsigned char *c, unsigned long long *clen
 (void) nsec;
 memcpy(H, ctx->H, sizeof H);
- if (mlen > 16ULL * (1ULL << 32)) {
+ if (mlen > 16ULL * ((1ULL << 32) - 2)) {
 abort(); /* LCOV_EXCL_LINE */
 }
 memcpy(&n2[0], npub, 3 * 4);
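Review bot: The corrected bound `16ULL * ((1ULL << 32) - 2)` is still an unexplained magic number, and the subject line states the limit in bits (2^39-256) while the comparison appears to be against a byte count, so the next reader has to re-derive it. A one-line comment above the check would pin it down, e.g. `/* GCM limit: 2^32 - 2 blocks of 16 bytes (2^39 - 256 bits); more would wrap the 32-bit block counter under the same nonce */`. Only the encrypt path is touched here and the function body starts and ends outside the hunk, so it is worth confirming that the decryption entry point enforces the matching bound on the ciphertext length.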