authorShane Lontis <shane.lontis@oracle.com>2019-08-25 17:10:48 +1000
committerShane Lontis <shane.lontis@oracle.com>2019-08-25 17:10:55 +1000
commit37a830e729f56cfc7b893f321880ac52f1b35cdb (patch)
treeae4be7504516dd293d1fb7c7d85a2b4938f21ff3
parentf3b8d77f99c84e39c48599ad54366e806f3b9478 (diff)
Fix Issue OSS-Fuzz: Branch on uninitialized memory (in ccm code).
This would also happen for aes-ccm. There was one branch path where it just returned 1 without setting *padlen. It now branches so that the value is set to 0. Fixes #9691 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/9692)
-rw-r--r--providers/common/ciphers/cipher_ccm.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/providers/common/ciphers/cipher_ccm.c b/providers/common/ciphers/cipher_ccm.c
index 980c815aa1..fcfef73197 100644
--- a/providers/common/ciphers/cipher_ccm.c
+++ b/providers/common/ciphers/cipher_ccm.c
@@ -349,7 +349,7 @@ static int ccm_cipher_internal(PROV_CCM_CTX *ctx, unsigned char *out,
/* EVP_*Final() doesn't return any data */
if (in == NULL && out != NULL)
- return 1;
+ goto finish;
if (!ctx->iv_set)
goto err;
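Review bot: The new `goto finish;` on the EVP_*Final() early exit reaches `*padlen = olen;` with no assignment to `olen` in the visible lines, so the fix is correct only if `olen` is initialised to 0 at its declaration, which lies outside this hunk. The original defect was a caller branching on an uninitialised output length, so that dependency should be explicit at the jump site, for example `olen = 0; /* Final() produces no data */` immediately before `goto finish;`. Otherwise a later change to the declaration would silently reintroduce the uninitialised read. The same point applies to the `finish:` label in the second hunk, where a short comment naming the early-exit path would help. The body of ccm_cipher_internal starts and ends outside both hunks.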
@@ -388,6 +388,7 @@ static int ccm_cipher_internal(PROV_CCM_CTX *ctx, unsigned char *out,
}
}
olen = len;
+finish:
rv = 1;
err:
*padlen = olen;