artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 77910b5) | patch
Check for negative IV length
authortb <tb@openbsd.org>
Sat, 18 Nov 2023 09:37:15 +0000 (09:37 +0000)
committertb <tb@openbsd.org>
Sat, 18 Nov 2023 09:37:15 +0000 (09:37 +0000)
commit0a5044de2e5201161f19ce9796a2921769c4cbb1
tree2c9e2a49e27b69ae0065eb1baa151e0e348f2427tree | snapshot
parent77910b5eb1652895fe36c5f035350a6ae4646932commit | diff
Check for negative IV length

A recent change in EVP_CIPHER_CTX_iv_length() made it possible in principle
that this function returns -1. This can only happen for an incorrectly set
up EVP_CIPHER. Still it is better form to check for negative lengths before
stuffing it into a memcpy().

It would probably be desirable to cap the iv_length to something large
enough. This can be done another time.

ok beck
lib/libcrypto/evp/e_aes.c diff | blob | history
lib/libcrypto/evp/e_rc2.c diff | blob | history
lib/libcrypto/evp/evp_enc.c diff | blob | history
lib/libcrypto/evp/evp_lib.c diff | blob | history
lib/libcrypto/evp/p_seal.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim