components/openssl/openssl-1.0.1/patches/36_evp_leak.patch
branchs11u2-sru3-backport
changeset 3403 8aeab0c54096
parent 3217 6c32d6df504a
child 3621 3e00113c3743
3397:fea90a0cfae1 3403:8aeab0c54096
     1 Patch developed in-house.  Solaris-specific; not suitable for upstream.
     1 Patch developed in-house.  Solaris-specific; not suitable for upstream.
     2 
     2 
     3 --- openssl-1.0.1f/crypto/evp/evp_enc.c.orig	Mon Feb 11 07:26:04 2013
     3 --- openssl-1.0.1f/crypto/evp/evp_enc.c.orig	Mon Feb 11 07:26:04 2013
     4 +++ openssl-1.0.1f/crypto/evp/evp_enc.c	Mon Feb  3 16:40:48 2014
     4 +++ openssl-1.0.1f/crypto/evp/evp_enc.c	Mon Feb  3 16:40:48 2014
     5 @@ -393,10 +393,14 @@
     5 @@ -394,10 +394,14 @@
     6  		{
     6  		{
     7  		ret = M_do_cipher(ctx, out, NULL, 0);
     7  		ret = M_do_cipher(ctx, out, NULL, 0);
     8  		if (ret < 0)
     8  		if (ret < 0)
     9 -			return 0;
     9 -			return 0;
    10 +			{
    10 +			{
    17 +		ret = 1;
    17 +		ret = 1;
    18 +		goto cleanup;
    18 +		goto cleanup;
    19  		}
    19  		}
    20  
    20  
    21  	b=ctx->cipher->block_size;
    21  	b=ctx->cipher->block_size;
    22 @@ -404,7 +408,8 @@
    22 @@ -405,7 +409,8 @@
    23  	if (b == 1)
    23  	if (b == 1)
    24  		{
    24  		{
    25  		*outl=0;
    25  		*outl=0;
    26 -		return 1;
    26 -		return 1;
    27 +		ret = 1;
    27 +		ret = 1;
    28 +		goto cleanup;
    28 +		goto cleanup;
    29  		}
    29  		}
    30  	bl=ctx->buf_len;
    30  	bl=ctx->buf_len;
    31  	if (ctx->flags & EVP_CIPH_NO_PADDING)
    31  	if (ctx->flags & EVP_CIPH_NO_PADDING)
    32 @@ -412,10 +417,12 @@
    32 @@ -413,10 +418,12 @@
    33  		if(bl)
    33  		if(bl)
    34  			{
    34  			{
    35  			EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
    35  			EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
    36 -			return 0;
    36 -			return 0;
    37 +			ret = 0;
    37 +			ret = 0;
    42 +		ret = 1;
    42 +		ret = 1;
    43 +		goto cleanup;
    43 +		goto cleanup;
    44  		}
    44  		}
    45  
    45  
    46  	n=b-bl;
    46  	n=b-bl;
    47 @@ -427,6 +434,12 @@
    47 @@ -428,6 +435,12 @@
    48  	if(ret)
    48  	if(ret)
    49  		*outl=b;
    49  		*outl=b;
    50  
    50  
    51 +cleanup:
    51 +cleanup:
    52 +	if (ctx->cipher->cleanup)
    52 +	if (ctx->cipher->cleanup)
    55 +		}
    55 +		}
    56 +
    56 +
    57  	return ret;
    57  	return ret;
    58  	}
    58  	}
    59  
    59  
    60 @@ -500,7 +513,7 @@
    60 @@ -502,6 +515,7 @@
    61  
       
    62  int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
    61  int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
    63  	{
    62  	{
    64 -	int i,n;
    63  	unsigned int i, b;
    65 +	int i,n,ret = 1;
    64 +	int err = 1;
    66  	unsigned int b;
    65          unsigned char pad, padding_good;
    67  	*outl=0;
    66  	*outl=0;
    68  
    67  
    69 @@ -508,10 +521,14 @@
    68 @@ -509,10 +522,14 @@
    70  		{
    69  		{
    71  		i = M_do_cipher(ctx, out, NULL, 0);
    70  		int ret = M_do_cipher(ctx, out, NULL, 0);
    72  		if (i < 0)
    71  		if (ret < 0)
    73 -			return 0;
    72 -			return 0;
    74 +			{
    73 +			{
    75 +			ret = 0;
    74 +			err = 0;
    76 +			goto cleanup;
    75 +			goto cleanup;
    77 +			}
    76 +			}
    78  		else
    77  		else
    79  			*outl = i;
    78  			*outl = ret;
    80 -		return 1;
    79 -		return 1;
    81 +		ret = 1;
    80 +		err = 1;
    82 +		goto cleanup;
    81 +		goto cleanup;
    83  		}
    82  		}
    84  
    83  
    85  	b=ctx->cipher->block_size;
    84  	b=(unsigned int)(ctx->cipher->block_size);
    86 @@ -520,10 +537,12 @@
    85 @@ -521,10 +538,12 @@
    87  		if(ctx->buf_len)
    86  		if(ctx->buf_len)
    88  			{
    87  			{
    89  			EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
    88  			EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
    90 -			return 0;
    89 -			return 0;
    91 +			ret = 0;
    90 +			err = 0;
    92 +			goto cleanup;
    91 +			goto cleanup;
    93  			}
    92  			}
    94  		*outl = 0;
    93  		*outl = 0;
    95 -		return 1;
    94 -		return 1;
    96 +		ret = 1;
    95 +		err = 1;
    97 +		goto cleanup;
    96 +		goto cleanup;
    98  		}
    97  		}
    99  	if (b > 1)
    98  	if (b > 1)
   100  		{
    99  		{
   101 @@ -530,7 +549,8 @@
   100 @@ -531,7 +550,8 @@
   102  		if (ctx->buf_len || !ctx->final_used)
   101  		if (ctx->buf_len || !ctx->final_used)
   103  			{
   102  			{
   104  			EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
   103  			EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
   105 -			return(0);
   104 -			return(0);
   106 +			ret = 0;
   105 +			err = 0;
   107 +			goto cleanup;
   106 +			goto cleanup;
   108  			}
   107  			}
   109  		OPENSSL_assert(b <= sizeof ctx->final);
   108  		OPENSSL_assert(b <= sizeof ctx->final);
   110  		n=ctx->final[b-1];
   109  		pad=ctx->final[b-1];
   111 @@ -537,7 +557,8 @@
   110 @@ -555,13 +577,22 @@
   112  		if (n == 0 || n > (int)b)
   111  			out[i] = ctx->final[i] & padding_good;
   113  			{
   112  		/* Safe cast: for a good padding, EVP_MAX_IV_LENGTH >= b >= pad */
   114  			EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
   113  		*outl = padding_good & ((unsigned char)(b - pad));
   115 -			return(0);
   114 -		return padding_good & 1;
   116 +			ret = 0;
   115 +		err = padding_good & 1;
   117 +			goto cleanup;
   116 +		goto cleanup;
   118  			}
       
   119  		for (i=0; i<n; i++)
       
   120  			{
       
   121 @@ -544,7 +565,8 @@
       
   122  			if (ctx->final[--b] != n)
       
   123  				{
       
   124  				EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
       
   125 -				return(0);
       
   126 +				ret = 0;
       
   127 +				goto cleanup;
       
   128  				}
       
   129  			}
       
   130  		n=ctx->cipher->block_size-n;
       
   131 @@ -554,7 +576,14 @@
       
   132  		}
   117  		}
   133  	else
   118  	else
   134  		*outl=0;
   119  		{
   135 -	return(1);
   120  		*outl = 0;
       
   121 -		return 1;
       
   122 +		err = 1;
       
   123  		}
   136 +
   124 +
   137 +cleanup:
   125 +cleanup:
   138 +	if (ctx->cipher->cleanup)
   126 +	if (ctx->cipher->cleanup)
   139 +		{
   127 +		{
   140 +		ctx->cipher->cleanup(ctx);
   128 +		ctx->cipher->cleanup(ctx);
   141 +		}
   129 +		}
   142 +
   130 +
   143 +	return ret;
   131 +	return err;
   144  	}
   132  	}
   145  
   133  
   146  void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
   134  void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
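Review bot: The `cleanup:` label added at the end of `EVP_DecryptFinal_ex` (and the matching one in `EVP_EncryptFinal_ex`) calls `ctx->cipher->cleanup(ctx)` on every exit path, including the custom-cipher branch that sets `err = 1` after `M_do_cipher(ctx, out, NULL, 0)`, but leaves `ctx->cipher` and the rest of the context untouched. `EVP_CIPHER_CTX_cleanup()` invokes the same callback again later, so a cipher whose cleanup frees memory or closes a provider session without clearing its own pointers would be released twice. A caller that uses the context after Final, for example to read an AEAD tag through `EVP_CIPHER_CTX_ctrl` or to re-initialise with a NULL cipher, would presumably then operate on torn-down state. The comparison shows only a few lines of context around the refreshed lines, so whether every cleanup callback reachable here is idempotent cannot be confirmed from this page. I would state the contract at the label, e.g. `/* cleanup() must be idempotent: EVP_CIPHER_CTX_cleanup() calls it again; ctx is not usable for ctrl/reinit after Final */`, and add a regression test that runs Final followed by `EVP_CIPHER_CTX_cleanup()` for each cipher that defines a cleanup callback.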