diff options
author | Hugo Landau <hlandau@openssl.org> | 2022-03-11 06:57:26 +0000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-03-15 13:06:35 +0100 |
commit | 591a2bf08b391955bed512496a20113da26f9f91 (patch) | |
tree | 87b62c9c44c6815e9bc634ff6d5fc9f22be9a6c0 | |
parent | 4b51d6534accc1ae71d9f6e28266e27452382292 (diff) |
Fix signed integer overflow in evp_enc
Fixes #17869.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17870)
(cherry picked from commit 1832bb0f02e519a48f06a10467c7ce5f7f3feeeb)
-rw-r--r-- | crypto/evp/evp_enc.c | 13 | ||||
-rw-r--r-- | test/sanitytest.c | 7 |
2 files changed, 14 insertions, 6 deletions
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 519cab3f2b..0cffa1028c 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -595,7 +595,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) { int ret; - size_t soutl; + size_t soutl, inl_ = (size_t)inl; int blocksize; if (outl != NULL) { @@ -625,9 +625,10 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR); return 0; } + ret = ctx->cipher->cupdate(ctx->algctx, out, &soutl, - inl + (blocksize == 1 ? 0 : blocksize), in, - (size_t)inl); + inl_ + (size_t)(blocksize == 1 ? 0 : blocksize), + in, inl_); if (ret) { if (soutl > INT_MAX) { @@ -743,7 +744,7 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, { int fix_len, cmpl = inl, ret; unsigned int b; - size_t soutl; + size_t soutl, inl_ = (size_t)inl; int blocksize; if (outl != NULL) { @@ -773,8 +774,8 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, return 0; } ret = ctx->cipher->cupdate(ctx->algctx, out, &soutl, - inl + (blocksize == 1 ? 0 : blocksize), in, - (size_t)inl); + inl_ + (size_t)(blocksize == 1 ? 0 : blocksize), + in, inl_); if (ret) { if (soutl > INT_MAX) { diff --git a/test/sanitytest.c b/test/sanitytest.c index b1aadc4aa8..ec850651d2 100644 --- a/test/sanitytest.c +++ b/test/sanitytest.c @@ -114,6 +114,13 @@ static int test_sanity_range(void) TEST_error("int must not be wider than size_t"); return 0; } + + /* SIZE_MAX is always greater than 2*INT_MAX */ + if (SIZE_MAX - INT_MAX <= INT_MAX) { + TEST_error("SIZE_MAX must exceed 2*INT_MAX"); + return 0; + } + return 1; } |