Skip to content
Commit 36e619d7 authored by Guido Vranken's avatar Guido Vranken Committed by Pauli
Browse files

EVP_EncryptUpdate, EVP_EncryptFinal_ex: don't branch on uninitialized memory



If ctx->cipher->cupdate/ctx->cipher->cfinal failed, 'soutl' is left
uninitialized.

This patch incorporates the same logic as present in EVP_DecryptUpdate and
EVP_DecryptFinal_ex: only branch on 'soutl' if the preceding call succeeded.

Bug found by OSS-Fuzz.

Signed-off-by: default avatarGuido Vranken <guidovranken@gmail.com>

Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8874)
parent 0dc6bf3c
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment