[openssl/openssl] 6f22bc: Add appropriate NULL checks in EVP_CIPHER api

Neil Horman noreply at github.com
Thu Jan 25 13:51:48 UTC 2024 

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 6f22bcd631ab622c2436bc5b299ba2677c388375
      https://github.com/openssl/openssl/commit/6f22bcd631ab622c2436bc5b299ba2677c388375
  Author: Neil Horman <nhorman at openssl.org>
  Date:   2024-01-25 (Thu, 25 Jan 2024)

  Changed paths:
    M apps/enc.c
    M crypto/cmac/cmac.c
    M crypto/cms/cms_pwri.c
    M crypto/evp/bio_enc.c
    M crypto/evp/evp_key.c
    M crypto/evp/evp_lib.c
    M crypto/pkcs12/p12_decr.c
    M doc/man3/EVP_EncryptInit.pod
    M providers/implementations/kdfs/krb5kdf.c
    M ssl/record/methods/ssl3_meth.c
    M ssl/record/methods/tls1_meth.c
    M ssl/s3_enc.c
    M ssl/ssl_ciph.c
    M test/evp_extra_test.c
    M test/evp_libctx_test.c
    M test/evp_test.c
    M test/tls13encryptiontest.c

  Log Message:
  -----------
  Add appropriate NULL checks in EVP_CIPHER api

The EVP_CIPHER api currently assumes that calls made into several APIs
have already initalized the cipher in a given context via a call to
EVP_CipherInit[_ex[2]].  If that hasnt been done, instead of an error,
the result is typically a SIGSEGV.

Correct that by adding missing NULL checks in the apropriate apis prior
to using ctx->cipher

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22995)


  Commit: 72062fca2870af4ef789cd5fc3442b3569f52c9b
      https://github.com/openssl/openssl/commit/72062fca2870af4ef789cd5fc3442b3569f52c9b
  Author: Neil Horman <nhorman at openssl.org>
  Date:   2024-01-25 (Thu, 25 Jan 2024)

  Changed paths:
    M test/tls13encryptiontest.c

  Log Message:
  -----------
  Add tests for return codes for EVP_CIPHER_CTX_get[block_size|iv_length]

make sure that we get the expected error codes when we do bad things,
rather than a crash

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22995)


Compare: https://github.com/openssl/openssl/compare/ff78d94b131d...72062fca2870

More information about the openssl-commits mailing list