Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openssl/common/patches/032-aes_cbc_len_check.patch
branchs11u3-sru
changeset 7163 ee09edbd5876
parent 4006 c737cefdce54 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openssl/common/patches/032-aes_cbc_len_check.patch	Wed Oct 26 13:19:33 2016 -0700
@@ -0,0 +1,18 @@
+#
+# This was developed in house and reported to the upstream.
+#
+--- openssl-1.0.1e/crypto/evp/e_aes.c        Tue Jul  2 11:03:12 2013
++++ openssl-1.0.1e/crypto/evp/e_aes.c.new    Tue Jul  2 11:04:56 2013
+@@ -1016,8 +1016,12 @@
+ static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                           const unsigned char *in, size_t len)
+ {
++    size_t	bl = ctx->cipher->block_size;
+     EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+ 
++    if (len < bl)
++        return 1;
++
+     if (dat->stream.cbc)
+         (*dat->stream.cbc) (in, out, len, &dat->ks, ctx->iv, ctx->encrypt);
+     else if (ctx->encrypt)
upstream/oracle/userland-gate