[openssl-dev] [openssl.org #4537] [PATCH] Fix a NULL dereference in chacha20_poly1305_init_key()
Kazuki Yamaguchi via RT
rt at openssl.org
Tue May 10 11:50:57 UTC 2016
chacha20_poly1305_init_key() dereferences NULL when called with inkey !=
NULL && iv == NULL. This function is called by EVP_EncryptInit_ex()
family, whose documentation allows setting key and iv in separate calls.
---
I also created a pull request on GitHub:
- https://github.com/openssl/openssl/pull/1049
crypto/evp/e_chacha20_poly1305.c | 22 +++++++++++++---------
1 file changed, 13 insertions(+), 9 deletions(-)
diff --git a/crypto/evp/e_chacha20_poly1305.c b/crypto/evp/e_chacha20_poly1305.c
index c3c72a1..cc3927f 100644
--- a/crypto/evp/e_chacha20_poly1305.c
+++ b/crypto/evp/e_chacha20_poly1305.c
@@ -205,7 +205,6 @@ static int chacha20_poly1305_init_key(EVP_CIPHER_CTX *ctx,
const unsigned char *iv, int enc)
{
EVP_CHACHA_AEAD_CTX *actx = aead_data(ctx);
- unsigned char temp[CHACHA_CTR_SIZE];
if (!inkey && !iv)
return 1;
@@ -216,16 +215,21 @@ static int chacha20_poly1305_init_key(EVP_CIPHER_CTX *ctx,
actx->mac_inited = 0;
actx->tls_payload_length = NO_TLS_PAYLOAD_LENGTH;
- /* pad on the left */
- memset(temp, 0, sizeof(temp));
- if (actx->nonce_len <= CHACHA_CTR_SIZE)
- memcpy(temp + CHACHA_CTR_SIZE - actx->nonce_len, iv, actx->nonce_len);
+ if (iv != NULL) {
+ unsigned char temp[CHACHA_CTR_SIZE] = { 0 };
- chacha_init_key(ctx, inkey, temp, enc);
+ /* pad on the left */
+ if (actx->nonce_len <= CHACHA_CTR_SIZE)
+ memcpy(temp + CHACHA_CTR_SIZE - actx->nonce_len, iv, actx->nonce_len);
- actx->nonce[0] = actx->key.counter[1];
- actx->nonce[1] = actx->key.counter[2];
- actx->nonce[2] = actx->key.counter[3];
+ chacha_init_key(ctx, inkey, temp, enc);
+
+ actx->nonce[0] = actx->key.counter[1];
+ actx->nonce[1] = actx->key.counter[2];
+ actx->nonce[2] = actx->key.counter[3];
+ } else {
+ chacha_init_key(ctx, inkey, NULL, enc);
+ }
return 1;
}
--
2.8.2.453.g21f6c40
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4537
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list