summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPauli <pauli@openssl.org>2022-03-16 14:57:24 +1100
committerPauli <ppzgs1@gmail.com>2022-04-03 12:55:23 +1000
commitd1592f21c0d4c2c94a8c6004cf7b5cad2dcb2637 (patch)
tree16bace5a0a6d96e4807161bbfa69bdfae79c2428
parent766a7d4676f08f815dd5070409e94954f4b64c6c (diff)
Fix Coverity 1503096: out-of-bounds access
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/17898)
Diffstat
-rw-r--r--crypto/evp/evp_enc.c11
1 files changed, 8 insertions, 3 deletions
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index d6b921ce81..9f0c43f912 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -357,8 +357,10 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx,
case EVP_CIPH_CBC_MODE:
n = EVP_CIPHER_CTX_get_iv_length(ctx);
- if (!ossl_assert(n >= 0 && n <= (int)sizeof(ctx->iv)))
- return 0;
+ if (n < 0 || n > (int)sizeof(ctx->iv)) {
+ ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_IV_LENGTH);
+ return 0;
+ }
if (iv != NULL)
memcpy(ctx->oiv, iv, n);
memcpy(ctx->iv, ctx->oiv, n);
@@ -368,8 +370,11 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx,
ctx->num = 0;
/* Don't reuse IV for CTR mode */
if (iv != NULL) {
- if ((n = EVP_CIPHER_CTX_get_iv_length(ctx)) <= 0)
+ n = EVP_CIPHER_CTX_get_iv_length(ctx);
+ if (n <= 0 || n > (int)sizeof(ctx->iv)) {
+ ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_IV_LENGTH);
return 0;
+ }
memcpy(ctx->iv, iv, n);
}
break;
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-01 05:00:47 +0000