diff options
| author | Andy Polyakov <appro@openssl.org> | 2016-07-25 15:04:33 +0200 |
|---|---|---|
| committer | Andy Polyakov <appro@openssl.org> | 2016-07-31 17:03:21 +0200 |
| commit | abdb460d8abe68fedcf00b52d2ba4bf4b7c1725c (patch) | |
| tree | 06015a18683b9d65e02c4c1c14f16075eb0afb9a /crypto/evp/bio_enc.c | |
| parent | 382bb0b294582c9d7f39ebfb96cd8849071687e0 (diff) | |
| download | openssl-new-abdb460d8abe68fedcf00b52d2ba4bf4b7c1725c.tar.gz | |
evp/bio_enc.c: perform enc_read operation without using overlapping buffers.
Reviewed-by: Stephen Henson <steve@openssl.org>
Diffstat (limited to 'crypto/evp/bio_enc.c')
| -rw-r--r-- | crypto/evp/bio_enc.c | 36 |
1 files changed, 27 insertions, 9 deletions
diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c index 5bc5d65e6d..47d0384b4d 100644 --- a/crypto/evp/bio_enc.c +++ b/crypto/evp/bio_enc.c @@ -40,7 +40,7 @@ typedef struct enc_struct { * buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate can return * up to a block more data than is presented to it */ - char buf[ENC_BLOCK_SIZE + BUF_OFFSET + 2]; + unsigned char buf[ENC_BLOCK_SIZE + BUF_OFFSET + 2]; } BIO_ENC_CTX; static const BIO_METHOD methods_enc = { @@ -136,32 +136,50 @@ static int enc_read(BIO *b, char *out, int outl) */ while (outl > 0) { + int buf_len; + if (ctx->cont <= 0) break; + buf_len = outl + EVP_MAX_BLOCK_LENGTH - 1; + buf_len -= buf_len % EVP_MAX_BLOCK_LENGTH; + if (buf_len > ENC_BLOCK_SIZE) { + buf_len = ENC_BLOCK_SIZE; + } + /* * read in at IV offset, read the EVP_Cipher documentation about why */ - i = BIO_read(next, &(ctx->buf[BUF_OFFSET]), ENC_BLOCK_SIZE); + i = BIO_read(next, &(ctx->buf[BUF_OFFSET]), buf_len); if (i <= 0) { /* Should be continue next time we are called? */ if (!BIO_should_retry(next)) { ctx->cont = i; i = EVP_CipherFinal_ex(ctx->cipher, - (unsigned char *)ctx->buf, - &(ctx->buf_len)); + ctx->buf, &(ctx->buf_len)); ctx->ok = i; ctx->buf_off = 0; } else { ret = (ret == 0) ? i : ret; break; } + } else if (outl >= EVP_MAX_BLOCK_LENGTH) { + if (!EVP_CipherUpdate(ctx->cipher, + (unsigned char *)out, &buf_len, + &(ctx->buf[BUF_OFFSET]), i)) { + BIO_clear_retry_flags(b); + return 0; + } + ret += buf_len; + outl -= buf_len; + out += buf_len; + + continue; } else { if (!EVP_CipherUpdate(ctx->cipher, - (unsigned char *)ctx->buf, &ctx->buf_len, - (unsigned char *)&(ctx->buf[BUF_OFFSET]), - i)) { + ctx->buf, &ctx->buf_len, + &(ctx->buf[BUF_OFFSET]), i)) { BIO_clear_retry_flags(b); ctx->ok = 0; return 0; @@ -228,8 +246,8 @@ static int enc_write(BIO *b, const char *in, int inl) while (inl > 0) { n = (inl > ENC_BLOCK_SIZE) ? ENC_BLOCK_SIZE : inl; if (!EVP_CipherUpdate(ctx->cipher, - (unsigned char *)ctx->buf, &ctx->buf_len, - (unsigned char *)in, n)) { + ctx->buf, &ctx->buf_len, + (const unsigned char *)in, n)) { BIO_clear_retry_flags(b); ctx->ok = 0; return 0; |