From 8827eb83259015ad5965e9b7456200129daad175 Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Thu, 14 May 2015 10:35:30 +0200 Subject: MDEV-8162 func_str crashes on SELECT AES_DECRYPT(AES_ENCRYPT(...)) on line 107 encrypting 0 byte string *is* possible --- mysys_ssl/my_crypt.cc | 47 ++++++++++++++++++++++++----------------------- 1 file changed, 24 insertions(+), 23 deletions(-) (limited to 'mysys_ssl') diff --git a/mysys_ssl/my_crypt.cc b/mysys_ssl/my_crypt.cc index 0c977eb94bf..b95879a3012 100644 --- a/mysys_ssl/my_crypt.cc +++ b/mysys_ssl/my_crypt.cc @@ -71,8 +71,6 @@ static int block_crypt(CipherMode cipher, Dir dir, { int tail= source_length % MY_AES_BLOCK_SIZE; - DBUG_ASSERT(source_length); - if (likely(source_length >= MY_AES_BLOCK_SIZE || !no_padding)) { #ifdef HAVE_YASSL @@ -139,28 +137,31 @@ static int block_crypt(CipherMode cipher, Dir dir, #endif } - if (no_padding && tail) + if (no_padding) { - /* - Not much we can do, block ciphers cannot encrypt data that aren't - a multiple of the block length. At least not without padding. - Let's do something CTR-like for the last partial block. - */ - - uchar mask[MY_AES_BLOCK_SIZE]; - uint mlen; - - DBUG_ASSERT(iv_length >= sizeof(mask)); - my_aes_encrypt_ecb(iv, sizeof(mask), mask, &mlen, - key, key_length, 0, 0, 1); - DBUG_ASSERT(mlen == sizeof(mask)); - - const uchar *s= source + source_length - tail; - const uchar *e= source + source_length; - uchar *d= dest + source_length - tail; - const uchar *m= mask; - while (s < e) - *d++ = *s++ ^ *m++; + if (tail) + { + /* + Not much we can do, block ciphers cannot encrypt data that aren't + a multiple of the block length. At least not without padding. + Let's do something CTR-like for the last partial block. + */ + + uchar mask[MY_AES_BLOCK_SIZE]; + uint mlen; + + DBUG_ASSERT(iv_length >= sizeof(mask)); + my_aes_encrypt_ecb(iv, sizeof(mask), mask, &mlen, + key, key_length, 0, 0, 1); + DBUG_ASSERT(mlen == sizeof(mask)); + + const uchar *s= source + source_length - tail; + const uchar *e= source + source_length; + uchar *d= dest + source_length - tail; + const uchar *m= mask; + while (s < e) + *d++ = *s++ ^ *m++; + } *dest_length= source_length; } -- cgit v1.2.1