diff options
author | Matt Caswell <matt@openssl.org> | 2022-10-21 14:08:29 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-11-02 11:11:40 +0100 |
commit | 3961af375e1522a3d37d2af8628bff43103ab4f5 (patch) | |
tree | 481ef1aeaca039bfe498c14c7ed4ae5b15860127 /ssl/record | |
parent | b718f6fcc4bbf48cfc6ab3fa64e6cb95453299b3 (diff) |
Pipeline output/input buf arrays must live until the EVP_Cipher is called
The pipeline input/output buf arrays must remain accessible to the
EVP_CIPHER_CTX until EVP_Cipher is subsequently called. This fixes an
asan error discovered by the newly added pipeline test.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19456)
Diffstat (limited to 'ssl/record')
-rw-r--r-- | ssl/record/methods/tls1_meth.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/ssl/record/methods/tls1_meth.c b/ssl/record/methods/tls1_meth.c index 1007efc57a..54ed02fbc0 100644 --- a/ssl/record/methods/tls1_meth.c +++ b/ssl/record/methods/tls1_meth.c @@ -162,6 +162,7 @@ static int tls1_cipher(OSSL_RECORD_LAYER *rl, SSL3_RECORD *recs, size_t n_recs, EVP_CIPHER_CTX *ds; size_t reclen[SSL_MAX_PIPELINES]; unsigned char buf[SSL_MAX_PIPELINES][EVP_AEAD_TLS1_AAD_LEN]; + unsigned char *data[SSL_MAX_PIPELINES]; int pad = 0, tmpr, provided; size_t bs, ctr, padnum, loop; unsigned char padval; @@ -298,8 +299,6 @@ static int tls1_cipher(OSSL_RECORD_LAYER *rl, SSL3_RECORD *recs, size_t n_recs, } } if (n_recs > 1) { - unsigned char *data[SSL_MAX_PIPELINES]; - /* Set the output buffers */ for (ctr = 0; ctr < n_recs; ctr++) data[ctr] = recs[ctr].data; |