diff options
author | Pauli <pauli@openssl.org> | 2022-03-16 14:57:24 +1100 |
---|---|---|
committer | Pauli <ppzgs1@gmail.com> | 2022-04-03 12:55:23 +1000 |
commit | d1592f21c0d4c2c94a8c6004cf7b5cad2dcb2637 (patch) | |
tree | 16bace5a0a6d96e4807161bbfa69bdfae79c2428 /crypto/evp/evp_enc.c | |
parent | 766a7d4676f08f815dd5070409e94954f4b64c6c (diff) | |
download | openssl-new-d1592f21c0d4c2c94a8c6004cf7b5cad2dcb2637.tar.gz |
Fix Coverity 1503096: out-of-bounds access
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/17898)
Diffstat (limited to 'crypto/evp/evp_enc.c')
-rw-r--r-- | crypto/evp/evp_enc.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index d6b921ce81..9f0c43f912 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -357,8 +357,10 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx, case EVP_CIPH_CBC_MODE: n = EVP_CIPHER_CTX_get_iv_length(ctx); - if (!ossl_assert(n >= 0 && n <= (int)sizeof(ctx->iv))) - return 0; + if (n < 0 || n > (int)sizeof(ctx->iv)) { + ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_IV_LENGTH); + return 0; + } if (iv != NULL) memcpy(ctx->oiv, iv, n); memcpy(ctx->iv, ctx->oiv, n); @@ -368,8 +370,11 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx, ctx->num = 0; /* Don't reuse IV for CTR mode */ if (iv != NULL) { - if ((n = EVP_CIPHER_CTX_get_iv_length(ctx)) <= 0) + n = EVP_CIPHER_CTX_get_iv_length(ctx); + if (n <= 0 || n > (int)sizeof(ctx->iv)) { + ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_IV_LENGTH); return 0; + } memcpy(ctx->iv, iv, n); } break; |