[openssl/openssl] f428e2: Fix bug in EVP_CIPHER_CTX_get_iv_length()
Pauli
noreply at github.com
Wed Aug 3 02:30:03 UTC 2022
Branch: refs/heads/openssl-3.0
Home: https://github.com/openssl/openssl
Commit: f428e2112c6c795db76d804e0fcb36aac40f1477
https://github.com/openssl/openssl/commit/f428e2112c6c795db76d804e0fcb36aac40f1477
Author: Pauli <pauli at openssl.org>
Date: 2022-08-03 (Wed, 03 Aug 2022)
Changed paths:
M crypto/evp/evp_lib.c
Log Message:
-----------
Fix bug in EVP_CIPHER_CTX_get_iv_length()
Out of range values could possibly be returned due to a lack of range checking.
Very unlikely to be exploitable for our provider because sensible values are
returned for all ciphers.
Also fixed the defaulting code so that the cipher's IV length is returned if
the cipher ctx doesn't support getting.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18875)
(cherry picked from commit e0e338c8c50c226efc92fe79c788c9cdc03fc01f)
Commit: 2a6275f58bdb2371c603be7f89310f7b4906e5c0
https://github.com/openssl/openssl/commit/2a6275f58bdb2371c603be7f89310f7b4906e5c0
Author: Pauli <pauli at openssl.org>
Date: 2022-08-03 (Wed, 03 Aug 2022)
Changed paths:
M doc/man3/EVP_EncryptInit.pod
Log Message:
-----------
Note that EVP_CIPHER_get_iv_length returns negative values on error
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18875)
(cherry picked from commit 0a90577e717f76483525b2d8be6a42a9f04020d8)
Compare: https://github.com/openssl/openssl/compare/cc750a9a81e2...2a6275f58bdb
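Added example, not part of these commits or of OpenSSL's code: a caller-side check for the situation both log messages describe, where EVP_CIPHER_CTX_get_iv_length() can return a negative or otherwise out-of-range value. The helper names and the local MAX_IV_LEN constant (assumed to mirror EVP_MAX_IV_LENGTH, 16) are hypothetical, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <string.h>

/* Assumption: mirrors EVP_MAX_IV_LENGTH (16) from <openssl/evp.h>; defined
 * locally so the example builds without the OpenSSL headers. */
#define MAX_IV_LEN 16

/*
 * Validate a length as returned by EVP_CIPHER_CTX_get_iv_length().
 * Returns 1 and stores the length in *out when it is usable, 0 otherwise.
 * The signed value is tested first: converting -1 to size_t would give
 * SIZE_MAX, which would then be passed to memcpy() as the byte count.
 */
static int iv_len_checked(int reported, size_t bufsz, size_t *out)
{
    if (reported < 0)                 /* error return */
        return 0;
    if (reported > MAX_IV_LEN)        /* larger than any IV we accept */
        return 0;
    if ((size_t)reported > bufsz)     /* does not fit the caller's buffer */
        return 0;
    *out = (size_t)reported;          /* 0 is valid: cipher without an IV */
    return 1;
}

/* Copy an IV only when the reported length passes the checks above. */
static int copy_iv(unsigned char *dst, size_t dstsz,
                   const unsigned char *src, int reported)
{
    size_t n;

    if (dst == NULL || src == NULL || !iv_len_checked(reported, dstsz, &n))
        return 0;
    memcpy(dst, src, n);
    return 1;
}

int main(void)
{
    /* Constructed sample data, not taken from the commit. */
    const unsigned char src[MAX_IV_LEN] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12};
    unsigned char dst[MAX_IV_LEN] = {0};

    /* Real use: copy_iv(dst, sizeof(dst), iv, EVP_CIPHER_CTX_get_iv_length(ctx)) */
    return (copy_iv(dst, sizeof(dst), src, 12) == 1
            && copy_iv(dst, sizeof(dst), src, -1) == 0
            && copy_iv(dst, sizeof(dst), src, 4096) == 0) ? 0 : 1;
}
```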