diff options
| author | Jung-uk Kim <jkim@FreeBSD.org> | 2021-02-16 19:54:02 +0000 |
|---|---|---|
| committer | Jung-uk Kim <jkim@FreeBSD.org> | 2021-02-16 19:54:02 +0000 |
| commit | 4f55bd5321b72491d4eff396e4928e9ab0706735 (patch) | |
| tree | 46adf486ba58f712ebd071b5d2dbeda04c45833b /crypto/evp | |
| parent | c25134eb4f5842c16f8f372a1e28849794d70883 (diff) | |
| download | src-4f55bd5321b72491d4eff396e4928e9ab0706735.tar.gz src-4f55bd5321b72491d4eff396e4928e9ab0706735.zip | |
Import OpenSSL 1.1.1j.vendor/openssl/1.1.1j
Diffstat (limited to 'crypto/evp')
| -rw-r--r-- | crypto/evp/evp_enc.c | 27 | ||||
| -rw-r--r-- | crypto/evp/evp_err.c | 4 |
2 files changed, 30 insertions, 1 deletions
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index b9b6490fe069..0843caf4f0a4 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -8,6 +8,7 @@ */ #include <stdio.h> +#include <limits.h> #include <assert.h> #include "internal/cryptlib.h" #include <openssl/evp.h> @@ -355,6 +356,19 @@ static int evp_EncryptDecryptUpdate(EVP_CIPHER_CTX *ctx, return 1; } else { j = bl - i; + + /* + * Once we've processed the first j bytes from in, the amount of + * data left that is a multiple of the block length is: + * (inl - j) & ~(bl - 1) + * We must ensure that this amount of data, plus the one block that + * we process from ctx->buf does not exceed INT_MAX + */ + if (((inl - j) & ~(bl - 1)) > INT_MAX - bl) { + EVPerr(EVP_F_EVP_ENCRYPTDECRYPTUPDATE, + EVP_R_OUTPUT_WOULD_OVERFLOW); + return 0; + } memcpy(&(ctx->buf[i]), in, j); inl -= j; in += j; @@ -502,6 +516,19 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING); return 0; } + /* + * final_used is only ever set if buf_len is 0. Therefore the maximum + * length output we will ever see from evp_EncryptDecryptUpdate is + * the maximum multiple of the block length that is <= inl, or just: + * inl & ~(b - 1) + * Since final_used has been set then the final output length is: + * (inl & ~(b - 1)) + b + * This must never exceed INT_MAX + */ + if ((inl & ~(b - 1)) > INT_MAX - b) { + EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_OUTPUT_WOULD_OVERFLOW); + return 0; + } memcpy(out, ctx->final, b); out += b; fix_len = 1; diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c index 05481d827fb4..32ac0125de24 100644 --- a/crypto/evp/evp_err.c +++ b/crypto/evp/evp_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -239,6 +239,8 @@ static const ERR_STRING_DATA EVP_str_reasons[] = { "operation not supported for this keytype"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OUTPUT_WOULD_OVERFLOW), + "output would overflow"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING), "partially overlapping buffers"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PBKDF2_ERROR), "pbkdf2 error"}, |