[openssl] master update

Mon, 02 Nov 2020 07:33:39 -0800 

The branch master has been updated
       via  3d4c81b09b2b44fe11be875fac817f2de6299065 (commit)
      from  8ea761bf40e6578ecd95ec47772ef86a2e4d4607 (commit)


- Log -----------------------------------------------------------------
commit 3d4c81b09b2b44fe11be875fac817f2de6299065
Author: jwalch <jeremy.wa...@gmail.com>
Date:   Thu Oct 29 14:05:19 2020 -0400

    Initialize outl in evp_enc.c to 0, protect against NULL
    
    Fixes #12734
    
    Reviewed-by: Matt Caswell <m...@openssl.org>
    Reviewed-by: Tomas Mraz <tm...@fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/13268)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/evp_enc.c | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 929c95eed8..d8fc3ab7ad 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -535,6 +535,13 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char 
*out, int *outl,
     size_t soutl;
     int blocksize;
 
+    if (outl != NULL) {
+        *outl = 0;
+    } else {
+        EVPerr(EVP_F_EVP_ENCRYPTUPDATE, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
     /* Prevent accidental use of decryption context when encrypting */
     if (!ctx->encrypt) {
         EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_INVALID_OPERATION);
@@ -589,6 +596,13 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char 
*out, int *outl)
     size_t soutl;
     int blocksize;
 
+    if (outl != NULL) {
+        *outl = 0;
+    } else {
+        EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
     /* Prevent accidental use of decryption context when encrypting */
     if (!ctx->encrypt) {
         EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX, EVP_R_INVALID_OPERATION);
@@ -670,6 +684,13 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char 
*out, int *outl,
     size_t soutl;
     int blocksize;
 
+    if (outl != NULL) {
+        *outl = 0;
+    } else {
+        EVPerr(EVP_F_EVP_DECRYPTUPDATE, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
     /* Prevent accidental use of encryption context when decrypting */
     if (ctx->encrypt) {
         EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_INVALID_OPERATION);
@@ -784,6 +805,13 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char 
*out, int *outl)
     int ret;
     int blocksize;
 
+    if (outl != NULL) {
+        *outl = 0;
+    } else {
+        EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
     /* Prevent accidental use of encryption context when decrypting */
     if (ctx->encrypt) {
         EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_INVALID_OPERATION);

Reply via email to