Commit d4d89a07 authored by Simo Sorce's avatar Simo Sorce Committed by Pauli
Browse files

Fix input checks wrt legacy code 



In all legacy code ctx->cipher is dereferenced without checks, so it
makes no sense to jump there is ctx->cipher is NULL as it will just lead
to a crash. Catch it separately and return an error.

This is simlar to the fix in d2c2e49e

Signed-off-by: default avatarSimo Sorce <simo@redhat.com>

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9002)
parent 2e9d61ec

crypto/evp/evp_enc.c

+12 −7
Original line number Diff line number Diff line
@@ -587,7 +587,12 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, 
        return 0;

    }



    if (ctx->cipher == NULL || ctx->cipher->prov == NULL)

    if (ctx->cipher == NULL) {

        EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_NO_CIPHER_SET);

        return 0;

    }



    if (ctx->cipher->prov == NULL)

        goto legacy;



    blocksize = EVP_CIPHER_CTX_block_size(ctx);
@@ -831,7 +836,12 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 
        return 0;

    }



    if (ctx->cipher == NULL || ctx->cipher->prov == NULL)

    if (ctx->cipher == NULL) {

        EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_NO_CIPHER_SET);

        return 0;

    }



    if (ctx->cipher->prov == NULL)

        goto legacy;



    blocksize = EVP_CIPHER_CTX_block_size(ctx);
@@ -858,11 +868,6 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) 
 legacy:



    *outl = 0;

    if (ctx->cipher == NULL) {

        EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_NO_CIPHER_SET);

        return 0;

    }



    if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {

        i = ctx->cipher->do_cipher(ctx, out, NULL, 0);

        if (i < 0)