[openssl] master update
bernd.edlinger at hotmail.de
bernd.edlinger at hotmail.de
Wed Jun 3 11:16:12 UTC 2020
The branch master has been updated
via 42fa3e66697baa121220b4eacf03607280e4ff89 (commit)
from 2b584ff372b2b25bb6801172bbeb90074b26f88c (commit)
- Log -----------------------------------------------------------------
commit 42fa3e66697baa121220b4eacf03607280e4ff89
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date: Tue Jun 2 11:52:24 2020 +0200
Fix a buffer overflow in drbg_ctr_generate
This can happen if the 32-bit counter overflows
and the last block is not a multiple of 16 bytes.
Fixes #12012
[extended tests]
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
Reviewed-by: Patrick Steuer <patrick.steuer at de.ibm.com>
Reviewed-by: Kurt Roeckx <kurt at roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/12016)
-----------------------------------------------------------------------
Summary of changes:
crypto/rand/drbg_ctr.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/crypto/rand/drbg_ctr.c b/crypto/rand/drbg_ctr.c
index 050ae49652..33e1b324c6 100644
--- a/crypto/rand/drbg_ctr.c
+++ b/crypto/rand/drbg_ctr.c
@@ -366,9 +366,11 @@ __owur static int drbg_ctr_generate(RAND_DRBG *drbg,
ctr32 = GETU32(ctr->V + 12) + blocks;
if (ctr32 < blocks) {
/* 32-bit counter overflow into V. */
- blocks -= ctr32;
- buflen = blocks * 16;
- ctr32 = 0;
+ if (ctr32 != 0) {
+ blocks -= ctr32;
+ buflen = blocks * 16;
+ ctr32 = 0;
+ }
ctr96_inc(ctr->V);
}
PUTU32(ctr->V + 12, ctr32);
More information about the openssl-commits
mailing list