From: tb <tb@openbsd.org>
Date: Thu, 28 Mar 2024 01:42:02 +0000 (+0000)
Subject: Check the return value of EVP_CIPHER_CTX_reset()
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=685bc7106269e359d7f0f128d1a4c60674ac6022;p=openbsd

Check the return value of EVP_CIPHER_CTX_reset()

The function call can't actually fail, but all other calls check its
return value.

ok joshua jsing
---

diff --git a/lib/libcrypto/evp/p_legacy.c b/lib/libcrypto/evp/p_legacy.c
index a444309f1da..adb6dc9174a 100644
--- a/lib/libcrypto/evp/p_legacy.c
+++ b/lib/libcrypto/evp/p_legacy.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: p_legacy.c,v 1.4 2024/03/26 05:22:50 joshua Exp $ */
+/*	$OpenBSD: p_legacy.c,v 1.5 2024/03/28 01:42:02 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -99,7 +99,8 @@ EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
 	int i, size = 0, ret = 0;
 
 	if (type) {
-		EVP_CIPHER_CTX_reset(ctx);
+		if (!EVP_CIPHER_CTX_reset(ctx))
+			return 0;
 		if (!EVP_DecryptInit_ex(ctx, type, NULL, NULL, NULL))
 			return 0;
 	}
@@ -154,7 +155,8 @@ EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
 	int i, iv_len;
 
 	if (type) {
-		EVP_CIPHER_CTX_reset(ctx);
+		if (!EVP_CIPHER_CTX_reset(ctx))
+			return 0;
 		if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL))
 			return 0;
 	}