Core/PacketIO: Fix sending uninitialized data

4 files changed, 14 insertions, 10 deletions

diff --git a/src/common/Cryptography/AES.cpp b/src/common/Cryptography/AES.cpp
index a7ad707e3be..9741f895574 100644
--- a/src/common/Cryptography/AES.cpp
+++ b/src/common/Cryptography/AES.cpp
@@ -33,7 +33,7 @@ void Trinity::Crypto::AES::Init(uint8 const* key)
     EVP_CipherInit_ex(_ctx, nullptr, nullptr, key, nullptr, -1);
 }
 
-bool Trinity::Crypto::AES::Process(uint8 const* iv, uint8* data, std::size_t length, uint8* tag)
+bool Trinity::Crypto::AES::Process(uint8 const* iv, uint8* data, std::size_t length, uint8(&tag)[12])
 {
     if (!EVP_CipherInit_ex(_ctx, nullptr, nullptr, nullptr, iv, -1))
         return false;
@@ -42,13 +42,13 @@ bool Trinity::Crypto::AES::Process(uint8 const* iv, uint8* data, std::size_t len
     if (!EVP_CipherUpdate(_ctx, data, &outLen, data, length))
         return false;
 
-    if (!_encrypting && !EVP_CIPHER_CTX_ctrl(_ctx, EVP_CTRL_GCM_SET_TAG, 12, tag))
+    if (!_encrypting && !EVP_CIPHER_CTX_ctrl(_ctx, EVP_CTRL_GCM_SET_TAG, sizeof(tag), tag))
         return false;
 
     if (!EVP_CipherFinal_ex(_ctx, data + outLen, &outLen))
         return false;
 
-    if (_encrypting && !EVP_CIPHER_CTX_ctrl(_ctx, EVP_CTRL_GCM_GET_TAG, 12, tag))
+    if (_encrypting && !EVP_CIPHER_CTX_ctrl(_ctx, EVP_CTRL_GCM_GET_TAG, sizeof(tag), tag))
         return false;
 
     return true;
diff --git a/src/common/Cryptography/AES.h b/src/common/Cryptography/AES.h
index c091ef670dc..3764bba1094 100644
--- a/src/common/Cryptography/AES.h
+++ b/src/common/Cryptography/AES.h
@@ -33,7 +33,7 @@ public:
 
     void Init(uint8 const* key);
 
-    bool Process(uint8 const* iv, uint8* data, std::size_t length, uint8* tag);
+    bool Process(uint8 const* iv, uint8* data, std::size_t length, uint8(&tag)[12]);
 
 private:
     EVP_CIPHER_CTX* _ctx;
diff --git a/src/common/Cryptography/Authentication/WorldPacketCrypt.cpp b/src/common/Cryptography/Authentication/WorldPacketCrypt.cpp
index af1ac4cfdc6..e06c45417c2 100644
--- a/src/common/Cryptography/Authentication/WorldPacketCrypt.cpp
+++ b/src/common/Cryptography/Authentication/WorldPacketCrypt.cpp
@@ -42,27 +42,31 @@ struct WorldPacketCryptIV
     std::array<uint8, 12> Value;
 };
 
-bool WorldPacketCrypt::DecryptRecv(uint8* data, size_t len, uint8* tag)
+bool WorldPacketCrypt::DecryptRecv(uint8* data, size_t length, uint8 (&tag)[12])
 {
     if (_initialized)
     {
         WorldPacketCryptIV iv{ _clientCounter, 0x544E4C43 };
-        if (!_clientDecrypt.Process(iv.Value.data(), data, len, tag))
+        if (!_clientDecrypt.Process(iv.Value.data(), data, length, tag))
             return false;
     }
+    else
+        memset(tag, 0, sizeof(tag));
 
     ++_clientCounter;
     return true;
 }
 
-bool WorldPacketCrypt::EncryptSend(uint8* data, size_t len, uint8* tag)
+bool WorldPacketCrypt::EncryptSend(uint8* data, size_t length, uint8 (&tag)[12])
 {
     if (_initialized)
     {
         WorldPacketCryptIV iv{ _serverCounter, 0x52565253 };
-        if (!_serverEncrypt.Process(iv.Value.data(), data, len, tag))
+        if (!_serverEncrypt.Process(iv.Value.data(), data, length, tag))
             return false;
     }
+    else
+        memset(tag, 0, sizeof(tag));
 
     ++_serverCounter;
     return true;
diff --git a/src/common/Cryptography/Authentication/WorldPacketCrypt.h b/src/common/Cryptography/Authentication/WorldPacketCrypt.h
index 155d741fdea..476f423308a 100644
--- a/src/common/Cryptography/Authentication/WorldPacketCrypt.h
+++ b/src/common/Cryptography/Authentication/WorldPacketCrypt.h
@@ -29,8 +29,8 @@ public:
     WorldPacketCrypt();
 
     void Init(uint8 const* key);
-    bool DecryptRecv(uint8* data, size_t length, uint8* tag);
-    bool EncryptSend(uint8* data, size_t length, uint8* tag);
+    bool DecryptRecv(uint8* data, size_t length, uint8 (&tag)[12]);
+    bool EncryptSend(uint8* data, size_t length, uint8 (&tag)[12]);
 
     bool IsInitialized() const { return _initialized; }