[openssl/openssl] 276758: Fix incomplete checks for EVP_CIPHER_asn1_to_param
Niels Dossche
noreply at github.com
Wed Jan 25 14:48:22 UTC 2023
Branch: refs/heads/openssl-3.1
Home: https://github.com/openssl/openssl
Commit: 27675857653f3344eeda17b2f2426f3fa0da9329
https://github.com/openssl/openssl/commit/27675857653f3344eeda17b2f2426f3fa0da9329
Author: Niels Dossche <niels.dossche at ugent.be>
Date: 2023-01-25 (Wed, 25 Jan 2023)
Changed paths:
M crypto/evp/evp_lib.c
M crypto/evp/p5_crpt2.c
M crypto/pkcs7/pk7_doit.c
Log Message:
-----------
Fix incomplete checks for EVP_CIPHER_asn1_to_param
EVP_CIPHER_asn1_to_param() returns a value <= 0 in case of an error, and
a value greater than 0 in case of success. Two callsites only check for
< 0 instead of <= 0. The other callsites perform this check correctly.
Change the two callsites to <= 0. Additionally correctly handle a zero
return value from EVP_CIPHER_get_asn1_iv as success.
Fixes: #20116
CLA: trivial
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/201213)
(cherry picked from commit 114d99b46bfb212ffc510865df317ca2c1542623)
More information about the openssl-commits
mailing list