[openssl/openssl] a3d6fc: evp-cmac: do not seg-fault when getting mac-size b...
James Muir
noreply at github.com
Fri Dec 1 10:57:11 UTC 2023
Branch: refs/heads/openssl-3.1
Home: https://github.com/openssl/openssl
Commit: a3d6fc8cf7059cfbe32e56d6ac810fed0872a449
https://github.com/openssl/openssl/commit/a3d6fc8cf7059cfbe32e56d6ac810fed0872a449
Author: James Muir <james at openssl.org>
Date: 2023-12-01 (Fri, 01 Dec 2023)
Changed paths:
M providers/implementations/macs/cmac_prov.c
M test/evp_test.c
Log Message:
-----------
evp-cmac: do not seg-fault when getting mac-size before init
Add null check to cmac_size(). This avoids a seg-fault encountered
with cmac when EVP_MAC_CTX_get_mac_size() is called before init.
Extend mac testing in evp_test.c to check that the sizes returned by
EVP_MAC_CTX_get_mac_size() before and after init make sense (this also
ensures that we no longer seg-fault).
Fixes #22842
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Neil Horman <nhorman at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22858)
(cherry picked from commit ff181969e28c1503b077b47a9ded3683524b3fd8)
More information about the openssl-commits
mailing list