Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openssl/common/patches/032-aes_cbc_len_check.patch
changeset 4370 7043c27399f1
parent 4002 95b8f35fcdd5
child 4822 1fb8a14c6702 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openssl/common/patches/032-aes_cbc_len_check.patch	Thu May 28 09:54:36 2015 -0700
@@ -0,0 +1,18 @@
+#
+# This was developed in house and reported to the upstream.
+#
+--- openssl-1.0.1e/crypto/evp/e_aes.c        Tue Jul  2 11:03:12 2013
++++ openssl-1.0.1e/crypto/evp/e_aes.c.new    Tue Jul  2 11:04:56 2013
+@@ -536,8 +536,12 @@
+ static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                           const unsigned char *in, size_t len)
+ {
++    size_t	bl = ctx->cipher->block_size;
+     EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+ 
++    if (len < bl)
++        return 1;
++
+     if (dat->stream.cbc)
+         (*dat->stream.cbc) (in, out, len, &dat->ks, ctx->iv, ctx->encrypt);
+     else if (ctx->encrypt)
upstream/oracle/userland-gate