rust-crypto

Missing AESNI bounds checks

Open nanotech opened this issue 8 years ago • 0 comments

```rust
extern crate crypto;

use crypto::aes::KeySize;
use crypto::aesni::AesNiEncryptor;
use crypto::symmetriccipher::BlockEncryptor;

fn main() {
    let enc = AesNiEncryptor::new(KeySize::KeySize256, &[0; 32]);
    let mut out = [0; 16];
    enc.encrypt_block(&vec![], &mut out);
}
```

This crashes inside the AESNI assembly because there's no check for a minimum required length before the unsafe code is reached, and `Vec`'s `as_ptr()` returns a pointer value of `0x1` for new empty `Vec`s. It doesn't crash if you pass an empty static slice (`&[]`), because those have a pointer into static data memory, but it still reads out of bounds. If you pass a reference to an empty slice on the stack, and then decrypt the output, you can read some stack memory.

Key setup is also missing bounds checks:

```rust
extern crate crypto;

use crypto::aes::KeySize;
use crypto::aesni::AesNiEncryptor;

fn main() {
    let _ = AesNiEncryptor::new(KeySize::KeySize256, &vec![]);
}
```

nanotech, May 04 '16 05:05
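The length checks the issue reports as missing, sketched as an added example that is not part of the original issue and is not rust-crypto code. `CheckedEncryptor`, `LenError` and `raw_block_op` are hypothetical names, the local `KeySize` enum only mirrors the crate's variant names, and the unsafe routine is a XOR stand-in for the AES-NI assembly; requiring exactly 16 bytes (rather than at least 16) is a choice made for this example.

```rust
// Added example: local stand-ins, not the rust-crypto API.
const BLOCK: usize = 16; // AES block size in bytes

#[derive(Clone, Copy, Debug, PartialEq)]
pub enum KeySize { KeySize128, KeySize192, KeySize256 }

#[derive(Debug, PartialEq)]
pub enum LenError {
    Key { expected: usize, got: usize },
    Input(usize),
    Output(usize),
}

// Stand-in for the assembly routine (NOT AES): like it, this trusts the
// caller and touches exactly BLOCK bytes behind each raw pointer.
unsafe fn raw_block_op(key: *const u8, input: *const u8, output: *mut u8) {
    for i in 0..BLOCK {
        *output.add(i) = *input.add(i) ^ *key.add(i);
    }
}

pub struct CheckedEncryptor { key: Vec<u8> }

impl CheckedEncryptor {
    pub fn new(size: KeySize, key: &[u8]) -> Result<Self, LenError> {
        let expected = match size {
            KeySize::KeySize128 => 16,
            KeySize::KeySize192 => 24,
            KeySize::KeySize256 => 32,
        };
        if key.len() != expected {
            return Err(LenError::Key { expected, got: key.len() });
        }
        Ok(CheckedEncryptor { key: key.to_vec() })
    }

    pub fn encrypt_block(&self, input: &[u8], output: &mut [u8]) -> Result<(), LenError> {
        // Both checks run in safe code, before any raw pointer is formed.
        if input.len() != BLOCK { return Err(LenError::Input(input.len())); }
        if output.len() != BLOCK { return Err(LenError::Output(output.len())); }
        // SAFETY: key holds >= 16 bytes (checked in new); input/output hold exactly 16.
        unsafe { raw_block_op(self.key.as_ptr(), input.as_ptr(), output.as_mut_ptr()) };
        Ok(())
    }
}

fn main() {
    let enc = CheckedEncryptor::new(KeySize::KeySize256, &[0u8; 32]).unwrap();
    let mut out = [0u8; 16];
    println!("{:?}", enc.encrypt_block(&Vec::<u8>::new(), &mut out));
}
```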