Vulnerable File: circuits/aes-gcm/gctr.circom
commit: 9ef4926c8fec7784ddf2f6da2de3791da839983a
When INPUT_LEN < 16 (nBlocks = 0):
- CounterBlocks is declared with dimension [nBlocks][4][4], then
CounterBlocks[0] is written; this is out-of-bounds when nBlocks = 0.
inc32[nBlocks - 1] becomes inc32[-1], which is invalid.aes[nBlocks].block <== CounterBlocks[nBlocks-1] accesses CounterBlocks[-1].
Vulnerable File:
circuits/aes-gcm/gctr.circomcommit:
9ef4926c8fec7784ddf2f6da2de3791da839983aWhen INPUT_LEN < 16 (
nBlocks = 0):CounterBlocks[0]is written; this is out-of-bounds whennBlocks = 0.inc32[nBlocks - 1]becomes inc32[-1], which is invalid.aes[nBlocks].block <== CounterBlocks[nBlocks-1]accessesCounterBlocks[-1].