CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2023/11/18 02:37:15
Modified files:
lib/libcrypto/evp: e_aes.c e_rc2.c evp_enc.c evp_lib.c p_seal.c
Log message:
Check for negative IV length
A recent change in EVP_CIPHER_CTX_iv_length() made it possible in principle
that this function returns -1. This can only happen for an incorrectly set
up EVP_CIPHER. Still it is better form to check for negative lengths before
stuffing it into a memcpy().
It would probably be desirable to cap the iv_length to something large
enough. This can be done another time.
ok beck
