[openssl/openssl] 83ab43: Check that IV length is not less than zero

Dmitry Belyavskiy noreply at github.com
Mon Aug 1 07:16:59 UTC 2022


  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 83ab43da0c9f67c5069605552b1332ca5fadecf1
      https://github.com/openssl/openssl/commit/83ab43da0c9f67c5069605552b1332ca5fadecf1
  Author: Dmitry Belyavskiy <beldmit at gmail.com>
  Date:   2022-08-01 (Mon, 01 Aug 2022)

  Changed paths:
    M crypto/cms/cms_enc.c
    M crypto/cms/cms_pwri.c
    M ssl/ktls.c
    M ssl/record/rec_layer_d1.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/ssl3_record_tls13.c
    M ssl/statem/statem_srvr.c
    M ssl/t1_lib.c

  Log Message:
  -----------
  Check that IV length is not less than zero

As EVP_CIPHER_CTX_get_iv_length indicates failure with -1, this error
should be processed. Also the result of this function shouldn't be
assigned to an unsigned variable.

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18891)




More information about the openssl-commits mailing list