diff options
author | Hugo Landau <hlandau@openssl.org> | 2022-03-11 09:57:26 +0300 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-03-15 15:05:40 +0300 |
commit | 1832bb0f02e519a48f06a10467c7ce5f7f3feeeb (patch) | |
tree | c07c67f9c5d830b107ea8035d71dee823648e5d5 /crypto/evp/evp_enc.c | |
parent | ef9909f3c6471ba39be1e3d18a366044cbf30a19 (diff) |
Fix signed integer overflow in evp_enc
Fixes #17869.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17870)
Diffstat (limited to 'crypto/evp/evp_enc.c')
-rw-r--r-- | crypto/evp/evp_enc.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 02566ae949..d0a62a6d46 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -605,7 +605,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) { int ret; - size_t soutl; + size_t soutl, inl_ = (size_t)inl; int blocksize; if (outl != NULL) { @@ -635,9 +635,10 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR); return 0; } + ret = ctx->cipher->cupdate(ctx->algctx, out, &soutl, - inl + (blocksize == 1 ? 0 : blocksize), in, - (size_t)inl); + inl_ + (size_t)(blocksize == 1 ? 0 : blocksize), + in, inl_); if (ret) { if (soutl > INT_MAX) { @@ -753,7 +754,7 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, { int fix_len, cmpl = inl, ret; unsigned int b; - size_t soutl; + size_t soutl, inl_ = (size_t)inl; int blocksize; if (outl != NULL) { @@ -783,8 +784,8 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, return 0; } ret = ctx->cipher->cupdate(ctx->algctx, out, &soutl, - inl + (blocksize == 1 ? 0 : blocksize), in, - (size_t)inl); + inl_ + (size_t)(blocksize == 1 ? 0 : blocksize), + in, inl_); if (ret) { if (soutl > INT_MAX) { |