From e9e25cd0054b43e0a9230101a50093c2b3d6a690 Mon Sep 17 00:00:00 2001
From: Ben Turner
Date: Tue, 4 Apr 2017 14:08:20 -0700
Subject: [PATCH] Check blocksize before retrieving Salt Header

`saltHeader := data[:aes.BlockSize]` will panic if the data provided is smaller than one AES Block. Return an error instead.
---
 openssl.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/openssl.go b/openssl.go
index bdacae6..181da2b 100644
--- openssl.go
+++ openssl.go
@@ -37,6 +37,9 @@ func (o *OpenSSL) DecryptString(passphrase, encryptedBase64String string) ([]byt
 if err != nil {
 return nil, err
 }
+ if len(data) < aes.BlockSize {
+ return nil, fmt.Errorf("Data is too short")
+ }
 saltHeader := data[:aes.BlockSize]
 if string(saltHeader[:8]) != o.openSSLSaltHeader {
 return nil, fmt.Errorf("Does not appear to have been encrypted with OpenSSL, salt header missing.")
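Review bot: The new length guard in DecryptString covers only the `data[:aes.BlockSize]` slice on the line after it, so a payload of exactly `aes.BlockSize` bytes (salt header and salt, no ciphertext) or one whose length is not a multiple of the block size still passes. The rest of the function lies outside the hunk, so it cannot be confirmed from here that those lengths are rejected before the block cipher runs; if they are not, untrusted input could still trigger a panic one step later. The diffstat shows only openssl.go changed, so a regression test that feeds a too-short, a header-only and a misaligned base64 payload and expects an error in each case would pin this down. As a smaller point, the message could report the sizes and follow Go's lowercase error-string convention: `return nil, fmt.Errorf("data is too short: got %d bytes, need at least %d", len(data), aes.BlockSize)`.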