artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 80fc4cb) | patch
Add bounds checks for various EVP cipher implementations.
authorjsing <jsing@openbsd.org>
Sun, 4 Sep 2022 15:45:25 +0000 (15:45 +0000)
committerjsing <jsing@openbsd.org>
Sun, 4 Sep 2022 15:45:25 +0000 (15:45 +0000)
commitb76ab7f95425fa2547421d0b37f32218c4434c6e
tree178656f6881a0ce3f3562ba36e28e4c9833530batree | snapshot
parent80fc4cb67b9a550d6717b15ece3ea5b941ef7c37commit | diff
Add bounds checks for various EVP cipher implementations.

The EVP cipher API uses size_t, however a number of the underlying
implementations use long in their API. This means that an input with
size > LONG_MAX will go negative.

Found by Coverity, hiding under a large pile of macros.

ok tb@
lib/libcrypto/evp/e_bf.c diff | blob | history
lib/libcrypto/evp/e_cast.c diff | blob | history
lib/libcrypto/evp/e_des.c diff | blob | history
lib/libcrypto/evp/e_des3.c diff | blob | history
lib/libcrypto/evp/e_idea.c diff | blob | history
lib/libcrypto/evp/e_rc2.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim