From 16e33e004409452259557d460749e6efcbd594d8 Mon Sep 17 00:00:00 2001
From: Brian Smith <brian@briansmith.org>
Date: Tue, 11 Jun 2024 09:51:40 -0700
Subject: [PATCH] aes_gcm: Make it clearer in two cases that slicing can't
 panic.

---
 src/aead/aes_gcm.rs | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/src/aead/aes_gcm.rs b/src/aead/aes_gcm.rs
index ebc1c4bd89..aa83a975b9 100644
--- a/src/aead/aes_gcm.rs
+++ b/src/aead/aes_gcm.rs
@@ -89,7 +89,14 @@ pub(super) fn seal(
                 )
             };
 
-            &mut in_out[processed..]
+            match in_out.get_mut(processed..) {
+                Some(remaining) => remaining,
+                None => {
+                    // This can't happen. If it did, then the assembly already
+                    // caused a buffer overflow.
+                    unreachable!()
+                }
+            }
         }
     };
 
@@ -206,7 +213,14 @@ pub(super) fn open(
                     xi,
                 )
             };
-            &mut in_out[processed..]
+            match in_out.get_mut(processed..) {
+                Some(remaining) => remaining,
+                None => {
+                    // This can't happen. If it did, then the assembly already
+                    // caused a buffer overflow.
+                    unreachable!()
+                }
+            }
         }
     };