diff options
author | Matt Caswell <matt@openssl.org> | 2017-01-24 12:57:34 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-01-25 15:02:44 +0000 |
commit | 7141ba31969d0b378d08104a51f8f99b9187b9d5 (patch) | |
tree | 58735ecf1d4e9b266e2b928f13d018d2118f05c3 /crypto/evp/e_aes.c | |
parent | 0b96d77a62d8ac9a45ac1dda47560ced676b5b8d (diff) | |
download | openssl-7141ba31969d0b378d08104a51f8f99b9187b9d5.zip openssl-7141ba31969d0b378d08104a51f8f99b9187b9d5.tar.gz openssl-7141ba31969d0b378d08104a51f8f99b9187b9d5.tar.bz2 |
Fix the overlapping check for fragmented "Update" operations
When doing in place encryption the overlapping buffer check can fail
incorrectly where we have done a partial block "Update" operation. This
fixes things to take account of any pending partial blocks.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2275)
Diffstat (limited to 'crypto/evp/e_aes.c')
-rw-r--r-- | crypto/evp/e_aes.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index d3be6a0..c0b0a1e 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -17,6 +17,7 @@ #include "internal/evp_int.h" #include "modes_lcl.h" #include <openssl/rand.h> +#include "evp_locl.h" typedef struct { union { @@ -2233,6 +2234,10 @@ static int aes_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, /* If not padding input must be multiple of 8 */ if (!pad && inlen & 0x7) return -1; + if (is_partially_overlapping(out, in, inlen)) { + EVPerr(EVP_F_AES_WRAP_CIPHER, EVP_R_PARTIALLY_OVERLAPPING); + return 0; + } if (!out) { if (EVP_CIPHER_CTX_encrypting(ctx)) { /* If padding round up to multiple of 8 */ @@ -2551,6 +2556,11 @@ static int aes_ocb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } else { buf = octx->data_buf; buf_len = &(octx->data_buf_len); + + if (is_partially_overlapping(out + *buf_len, in, len)) { + EVPerr(EVP_F_AES_OCB_CIPHER, EVP_R_PARTIALLY_OVERLAPPING); + return 0; + } } /* |