[openssl-dev] [openssl.org #3797] [PATCH] evp: fix memory corruption on absent payload
Fedor Indutny via RT
rt at openssl.org
Sat Apr 11 15:37:02 UTC 2015
Hello!
aes-128-cbc-hmac-sha1, aes-256-cbc-hmac-sha1 ciphers expect the AEAD
payload, but fail to operate if it wasn't supplied. In fact, in case of
absent payload - `plen` is going to be `NO_PAYLOAD_LENGTH` and the
memory will be corrupted (which sometimes leads to the crash).
NOTE: 41cf2d2518f8b7f31287984ea9f13bc9d55205dc implicitly fixes this
in 1.0.2, so this commit could be considered to be a partial back-port
of that one.
Attached is the suggested patch.
Thank you,
Fedor.
-------------- next part --------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJVKRE0AAoJENcGPM4Zt+iQKKwP/jyRhiNNMy7YVrvHTA/bF02a
PatvQGulRJvOPw0IzB8YydAsJbrBnYrVx1eniBv+5vjcA/9Tbc3yo0drIZR+um9N
z0ky4lDmQnIW5JHMhWkw55kEqpnV16rw5AeMfg4aNhFm/5m0tNHyb5Ft9Epu9hh0
kLV7RGKKmdPP/3FUKtQNictKUAcESZaIJeDeB24XKTOzAuSdPEunfST0tQG6qjtL
Chj2XrtFDJb+eonjWQmq2RZb67q2qituTOsuqv+e26mgulocnDanrRXetUiTyhDD
fjBNXBSUHME/xmfD5ffJR/eSnzY/Xzg7E14n4S4ctIPpfZ/3ked86wCj+PC1RGT1
Xt8lIhWwBzxDGn0161vMpFK59zWdFYBR+V6X0ubCO44F0ZfnExWAtxlr2/YkJyCS
HYMgJEZEyIp4qt9ubJ3gOFn7r5Dzo+Dc/hi2xmEneISiYvnu5ugjh4cQU/SQxy8c
GYI1KDbvhz0K/Z/qs/ByaSeYlcE5ZVanbvb8YyqtIAsRklaVzfapssMBMcWUTYcX
P6lt9sAmC7/wNdXvTMCUZoLS1Gz5HX5rmfdquT82kRWI5VYfN5qwWWwz1nN3VNcb
kyBf9NX1FJ/7tzQmYPDGNgif09vwPVD0x3q5gA5WYnrP/JZL6JYQpT9gHH7lz7Lv
pl3+vgsqfHkGs0I+W6Hy
=GkP4
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-evp-fix-memory-corruption-on-absent-payload.patch
Type: application/octet-stream
Size: 1393 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150411/f94f82c0/attachment-0001.obj>
More information about the openssl-dev
mailing list