[openssl/openssl] a3d6fc: evp-cmac: do not seg-fault when getting mac-size b...

James Muir noreply at github.com
Fri Dec 1 10:57:11 UTC 2023


  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: a3d6fc8cf7059cfbe32e56d6ac810fed0872a449
      https://github.com/openssl/openssl/commit/a3d6fc8cf7059cfbe32e56d6ac810fed0872a449
  Author: James Muir <james at openssl.org>
  Date:   2023-12-01 (Fri, 01 Dec 2023)

  Changed paths:
    M providers/implementations/macs/cmac_prov.c
    M test/evp_test.c

  Log Message:
  -----------
  evp-cmac: do not seg-fault when getting mac-size before init

Add null check to cmac_size().  This avoids a seg-fault encountered
with cmac when EVP_MAC_CTX_get_mac_size() is called before init.

Extend mac testing in evp_test.c to check that the sizes returned by
EVP_MAC_CTX_get_mac_size() before and after init make sense (this also
ensures that we no longer seg-fault).

Fixes #22842

Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Neil Horman <nhorman at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22858)

(cherry picked from commit ff181969e28c1503b077b47a9ded3683524b3fd8)




More information about the openssl-commits mailing list