Mercurial Mercurial > upstream > oracle > userland-gate / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openssl/common/patches/032-aes_cbc_len_check.patch
author Misaki Miyashita <Misaki.Miyashita@Oracle.COM>
Thu, 28 May 2015 09:54:36 -0700
changeset 4370 7043c27399f1
parent 4002 components/openssl/openssl-1.0.1/patches/32_aes_cbc_len_check.patch@95b8f35fcdd5
child 4822 1fb8a14c6702
permissions -rw-r--r--
19375978 Common code between openssl-1.0.1 and openssl-1.0.1-fips-140 should be shared

#
# This was developed in house and reported to the upstream.
#
--- openssl-1.0.1e/crypto/evp/e_aes.c        Tue Jul  2 11:03:12 2013
+++ openssl-1.0.1e/crypto/evp/e_aes.c.new    Tue Jul  2 11:04:56 2013
@@ -536,8 +536,12 @@
 static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                           const unsigned char *in, size_t len)
 {
+    size_t	bl = ctx->cipher->block_size;
     EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
 
+    if (len < bl)
+        return 1;
+
     if (dat->stream.cbc)
         (*dat->stream.cbc) (in, out, len, &dat->ks, ctx->iv, ctx->encrypt);
     else if (ctx->encrypt)
upstream/oracle/userland-gate