[openssl/openssl] cc750a: Check that IV length is not less than zero

Dmitry Belyavskiy noreply at github.com
Tue Aug 2 12:41:58 UTC 2022

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: cc750a9a81e24d46076b5de0b700aec478c2bd13
  Author: Dmitry Belyavskiy <beldmit at gmail.com>
  Date:   2022-08-02 (Tue, 02 Aug 2022)

  Changed paths:
    M crypto/cms/cms_enc.c
    M crypto/cms/cms_pwri.c
    M ssl/ktls.c
    M ssl/record/rec_layer_d1.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/ssl3_record_tls13.c
    M ssl/statem/statem_srvr.c
    M ssl/t1_lib.c

  Log Message:
  Check that IV length is not less than zero

As EVP_CIPHER_CTX_get_iv_length indicates failure with -1, this error
should be processed. Also the result of this function shouldn't be
assigned to an unsigned variable.

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>

Signed-off-by: Dmitry Belyavskiy <beldmit at gmail.com>

Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18922)

More information about the openssl-commits mailing list