Directly return from final sha3/keccak_final if no bytes are requested

Requesting zero bytes from shake previously led to out-of-bounds write on some platforms. Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9433)
author: Patrick Steuer <patrick.steuer@de.ibm.com> 2019-08-05 16:53:16 +0200
committer: Patrick Steuer <patrick.steuer@de.ibm.com> 2019-08-18 21:06:03 +0200
commit: a890ef833d114da3430c2f2efd95e01714704d34 (patch)
tree: fa4984fae9f1752c4876527c9bbb5a5070114899 /providers
parent: 5be78a88aa922a6c43a83a18dbe252c6a358b8e9 (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/providers/common/digests/sha3_prov.c b/providers/common/digests/sha3_prov.c
index 469a1606ff..17b15b7ca2 100644
--- a/providers/common/digests/sha3_prov.c
+++ b/providers/common/digests/sha3_prov.c
@@ -90,10 +90,12 @@ static int keccak_update(void *vctx, const unsigned char *inp, size_t len)
 static int keccak_final(void *vctx, unsigned char *out, size_t *outl,
                         size_t outsz)
 {
-    int ret;
+    int ret = 1;
     KECCAK1600_CTX *ctx = vctx;
 
-    ret = ctx->meth.final(out, ctx);
+    if (outsz > 0)
+        ret = ctx->meth.final(out, ctx);
+
     *outl = ctx->md_size;
     return ret;
 }
author	Patrick Steuer <patrick.steuer@de.ibm.com>	2019-08-05 16:53:16 +0200
committer	Patrick Steuer <patrick.steuer@de.ibm.com>	2019-08-18 21:06:03 +0200
commit	a890ef833d114da3430c2f2efd95e01714704d34 (patch)
tree	fa4984fae9f1752c4876527c9bbb5a5070114899 /providers
parent	5be78a88aa922a6c43a83a18dbe252c6a358b8e9 (diff)