[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Wed May 8 01:03:21 UTC 2019
The branch master has been updated
via 36e619d70f86f9dd52c57b6ac8a3bfea3c0a2745 (commit)
from 0dc6bf3c39732aea7bc049d145c395bbec895f52 (commit)
- Log -----------------------------------------------------------------
commit 36e619d70f86f9dd52c57b6ac8a3bfea3c0a2745
Author: Guido Vranken <guidovranken at gmail.com>
Date: Fri May 3 15:44:38 2019 +0200
EVP_EncryptUpdate, EVP_EncryptFinal_ex: don't branch on uninitialized memory
If ctx->cipher->cupdate/ctx->cipher->cfinal failed, 'soutl' is left
uninitialized.
This patch incorporates the same logic as present in EVP_DecryptUpdate and
EVP_DecryptFinal_ex: only branch on 'soutl' if the preceding call succeeded.
Bug found by OSS-Fuzz.
Signed-off-by: Guido Vranken <guidovranken at gmail.com>
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8874)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/evp_enc.c | 21 +++++++++++++--------
1 file changed, 13 insertions(+), 8 deletions(-)
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 4bc6370..29b707a 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -590,11 +590,14 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
inl + (blocksize == 1 ? 0 : blocksize), in,
(size_t)inl);
- if (soutl > INT_MAX) {
- EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_UPDATE_ERROR);
- return 0;
+ if (ret) {
+ if (soutl > INT_MAX) {
+ EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_UPDATE_ERROR);
+ return 0;
+ }
+ *outl = soutl;
}
- *outl = soutl;
+
return ret;
/* TODO(3.0): Remove legacy code below */
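Review bot: On the failure path in EVP_EncryptUpdate (`ret` is 0), `*outl` is now never assigned, so a caller that reads its length variable without checking the return value sees whatever it held before the call. The branch on uninitialised `soutl` is gone, but consider writing `*outl = 0;` before `return ret;` when the call failed, or stating in the function's documentation that `*outl` is only defined on success. The same applies to the early `return 0;` inside the `soutl > INT_MAX` branch, which also leaves `*outl` untouched.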
@@ -640,11 +643,13 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
ret = ctx->cipher->cfinal(ctx->provctx, out, &soutl,
blocksize == 1 ? 0 : blocksize);
- if (soutl > INT_MAX) {
- EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX, EVP_R_FINAL_ERROR);
- return 0;
+ if (ret) {
+ if (soutl > INT_MAX) {
+ EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX, EVP_R_FINAL_ERROR);
+ return 0;
+ }
+ *outl = soutl;
}
- *outl = soutl;
return ret;
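Review bot: `if (ret)` in EVP_EncryptFinal_ex treats any non-zero return from `ctx->cipher->cfinal` as success, so if a provider could ever return a negative value on error, `soutl` would still be compared against INT_MAX and copied into `*outl` while uninitialised. If the provider contract is strictly 0 or 1 this is fine and worth a short comment; otherwise `if (ret > 0)` would be the safer guard. Minor style point: the first hunk adds a blank line before `return ret;` and this one does not.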