Mercurial Mercurial > upstream > oracle > userland-gate / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openssl/openssl-1.0.1-fips-140/patches/32_aes_cbc_len_check.patch
author Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
Tue, 17 Dec 2013 16:11:49 -0800
changeset 1606 3c7c8020eda1
child 4002 95b8f35fcdd5
permissions -rw-r--r--
17836054 EVP_DigestUpdate crashes because of a NULL pointer 17952352 FIPS OpenSSL needs same patches as non-FIPS OpenSSL

--- openssl-1.0.1e/crypto/evp/e_aes.c        Tue Jul  2 11:03:12 2013
+++ openssl-1.0.1e/crypto/evp/e_aes.c.new    Tue Jul  2 11:04:56 2013
@@ -574,8 +574,11 @@
 static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
 	const unsigned char *in, size_t len)
 {
+	size_t	bl = ctx->cipher->block_size;
 	EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
 
+	if (len<bl)	return 1;
+
 	if (dat->stream.cbc)
 		(*dat->stream.cbc)(in,out,len,&dat->ks,ctx->iv,ctx->encrypt);
 	else if (ctx->encrypt)
upstream/oracle/userland-gate