packages/openssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
openssl/backport-Fix-integer-overflow-in-evp_EncryptDecryptUpdate.patch
fangxiuning 614a65544c patchs
2022-11-07 10:53:20 +08:00

63 lines
2.2 KiB
Diff
Raw Blame History

From eed53b9addd097a5d39f896b05aa857d6f29b245 Mon Sep 17 00:00:00 2001
From: Hugo Landau <hlandau@openssl.org>
Date: Fri, 11 Mar 2022 08:36:11 +0000
Subject: [PATCH] Fix integer overflow in evp_EncryptDecryptUpdate
Fixes #17871.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17872)
---
crypto/evp/evp_enc.c | 8 +++++---
crypto/evp/evp_local.h | 2 +-
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index d835968f25..b8b9d90d36 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -281,7 +281,7 @@ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
# define PTRDIFF_T size_t
#endif
-int is_partially_overlapping(const void *ptr1, const void *ptr2, int len)
+int is_partially_overlapping(const void *ptr1, const void *ptr2, size_t len)
{
PTRDIFF_T diff = (PTRDIFF_T)ptr1-(PTRDIFF_T)ptr2;
/*
@@ -299,7 +299,8 @@ static int evp_EncryptDecryptUpdate(EVP_CIPHER_CTX *ctx,
unsigned char *out, int *outl,
const unsigned char *in, int inl)
{
- int i, j, bl, cmpl = inl;
+ int i, j, bl;
+ size_t cmpl = (size_t)inl;
if (EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS))
cmpl = (cmpl + 7) / 8;
@@ -464,8 +465,9 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl)
{
- int fix_len, cmpl = inl;
+ int fix_len;
unsigned int b;
+ size_t cmpl = (size_t)inl;
/* Prevent accidental use of encryption context when decrypting */
if (ctx->encrypt) {
diff --git a/crypto/evp/evp_local.h b/crypto/evp/evp_local.h
index f1589d6828..cd3c1cf148 100644
--- a/crypto/evp/evp_local.h
+++ b/crypto/evp/evp_local.h
@@ -65,4 +65,4 @@ struct evp_Encode_Ctx_st {
typedef struct evp_pbe_st EVP_PBE_CTL;
DEFINE_STACK_OF(EVP_PBE_CTL)
-int is_partially_overlapping(const void *ptr1, const void *ptr2, int len);
+int is_partially_overlapping(const void *ptr1, const void *ptr2, size_t len);
--
2.17.1
Reference in New Issue View Git Blame Copy Permalink