From 22d8895c4f65cd0dbbcfcfdf4da33f5b0b4a7e5b Mon Sep 17 00:00:00 2001 From: jsing Date: Sat, 10 Sep 2022 17:45:10 +0000 Subject: [PATCH] Increment the input and output position for EVP AES CFB1. The length is decremented, however the input is repeatedly read from and output written to the same position. Correct this by actually incrementing the input and output pointers. Found via OpenSSL 604e591ed7, ok tb@ --- lib/libcrypto/evp/e_aes.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/libcrypto/evp/e_aes.c b/lib/libcrypto/evp/e_aes.c index e6bba2b952c..3661abcbfe5 100644 --- a/lib/libcrypto/evp/e_aes.c +++ b/lib/libcrypto/evp/e_aes.c @@ -1,4 +1,4 @@ -/* $OpenBSD: e_aes.c,v 1.47 2022/09/06 06:38:26 jsing Exp $ */ +/* $OpenBSD: e_aes.c,v 1.48 2022/09/10 17:45:10 jsing Exp $ */ /* ==================================================================== * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved. * @@ -511,6 +511,8 @@ aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK*8, &dat->ks, ctx->iv, &ctx->num, ctx->encrypt, dat->block); len -= MAXBITCHUNK; + in += MAXBITCHUNK; + out += MAXBITCHUNK; } if (len) CRYPTO_cfb128_1_encrypt(in, out, len*8, &dat->ks, -- 2.20.1