X-Git-Url: http://www.git.cypherpunks.ru/?p=gogost.git;a=blobdiff_plain;f=mgm%2Fmode.go;h=c281567fbaf9ceb8dc33777314e2122788064a7b;hp=065bff50edd0b96e5a01aff22be9f4270398d2f9;hb=52e9112b563e6ee472a31136ec9dc69876cf6e02;hpb=601d93d18d18b0f9719a874fa0eda902d033d097

diff --git a/mgm/mode.go b/mgm/mode.go
index 065bff5..c281567 100644
--- a/mgm/mode.go
+++ b/mgm/mode.go
@@ -234,7 +234,9 @@ func (mgm *MGM) Seal(dst, nonce, plaintext, additionalData []byte) []byte {
 func (mgm *MGM) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) {
 	mgm.validateNonce(nonce)
 	mgm.validateSizes(ciphertext, additionalData)
-	if uint64(len(ciphertext)-mgm.tagSize) > mgm.maxSize {
+	if len(ciphertext) < mgm.TagSize {
+		return nil, errors.New("ciphertext is too short")
+	}
 	if uint64(len(ciphertext)-mgm.TagSize) > mgm.MaxSize {
 		panic("ciphertext is too big")
 	}