The branch OpenSSL_1_0_2-stable has been updated
via e704d91d273164074b21de348e86ace3e074419e (commit)
from f49cf4afa0e408c527da08d076fec1159c3620d9 (commit)
- Log -----------------------------------------------------------------
commit e704d91d273164074b21de348e86ace3e074419e
Author: Bernd Edlinger <[email protected]>
Date: Fri Mar 24 13:09:43 2017 +0100
Don't access memory before checking the correct length in
aesni_cbc_hmac_sha256_ctrl in case EVP_CTRL_AEAD_TLS1_AAD.
Reviewed-by: Andy Polyakov <[email protected]>
Reviewed-by: Richard Levitte <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/3025)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/e_aes_cbc_hmac_sha256.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c
b/crypto/evp/e_aes_cbc_hmac_sha256.c
index 46c9d03..8422aee 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha256.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha256.c
@@ -825,11 +825,13 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX
*ctx, int type, int arg,
case EVP_CTRL_AEAD_TLS1_AAD:
{
unsigned char *p = ptr;
- unsigned int len = p[arg - 2] << 8 | p[arg - 1];
+ unsigned int len;
if (arg != EVP_AEAD_TLS1_AAD_LEN)
return -1;
+ len = p[arg - 2] << 8 | p[arg - 1];
+
if (ctx->encrypt) {
key->payload_length = len;
if ((key->aux.tls_ver =
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
