[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Andy Polyakov appro at openssl.org
Sat Mar 25 10:18:10 UTC 2017


The branch OpenSSL_1_0_2-stable has been updated
       via  e704d91d273164074b21de348e86ace3e074419e (commit)
      from  f49cf4afa0e408c527da08d076fec1159c3620d9 (commit)


- Log -----------------------------------------------------------------
commit e704d91d273164074b21de348e86ace3e074419e
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date:   Fri Mar 24 13:09:43 2017 +0100

    Don't access memory before checking the correct length in aesni_cbc_hmac_sha256_ctrl in case EVP_CTRL_AEAD_TLS1_AAD.
    
    Reviewed-by: Andy Polyakov <appro at openssl.org>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/3025)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/e_aes_cbc_hmac_sha256.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c
index 46c9d03..8422aee 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha256.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha256.c
@@ -825,11 +825,13 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
     case EVP_CTRL_AEAD_TLS1_AAD:
         {
             unsigned char *p = ptr;
-            unsigned int len = p[arg - 2] << 8 | p[arg - 1];
+            unsigned int len;
 
             if (arg != EVP_AEAD_TLS1_AAD_LEN)
                 return -1;
 
+            len = p[arg - 2] << 8 | p[arg - 1];
+
             if (ctx->encrypt) {
                 key->payload_length = len;
                 if ((key->aux.tls_ver =


More information about the openssl-commits mailing list