diff options
author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2017-02-06 13:37:42 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-02-07 09:12:34 +0000 |
commit | 273a0218e65f1737cdbb0ef65a5ddebd601e6bef (patch) | |
tree | 058bca35ee32b87c37543a103d99ee599f7d144c /crypto/evp/e_aes.c | |
parent | be4c82aa767998ce2a5717fc895482052373f1b1 (diff) |
Fix a crash in EVP_CIPHER_CTX_cleanup due to cipher_data may be NULL
or EVP_CTRL_INIT/EVP_CTRL_COPY was not called or failed.
If that happens in EVP_CipherInit_ex/EVP_CIPHER_CTX_copy set cipher = NULL,
aes_gcm_cleanup should check that gctx != NULL before calling OPENSSL_cleanse.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2562)
Diffstat (limited to 'crypto/evp/e_aes.c')
-rw-r--r-- | crypto/evp/e_aes.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 2e5e4edaad..857a402f8f 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -1268,6 +1268,8 @@ BLOCK_CIPHER_generic_pack(NID_aes, 128, 0) static int aes_gcm_cleanup(EVP_CIPHER_CTX *c) { EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,c); + if (gctx == NULL) + return 0; OPENSSL_cleanse(&gctx->gcm, sizeof(gctx->gcm)); if (gctx->iv != EVP_CIPHER_CTX_iv_noconst(c)) OPENSSL_free(gctx->iv); |