Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: e0e338c8c50c226efc92fe79c788c9cdc03fc01f
      
https://github.com/openssl/openssl/commit/e0e338c8c50c226efc92fe79c788c9cdc03fc01f
  Author: Pauli <pa...@openssl.org>
  Date:   2022-08-03 (Wed, 03 Aug 2022)

  Changed paths:
    M crypto/evp/evp_lib.c

  Log Message:
  -----------
  Fix bug in EVP_CIPHER_CTX_get_iv_length()

Out of range values could possibly be returned due to a lack of range checking.
Very unlikely to be exploitable for our provider because sensible values are
returned for all ciphers.

Also fixed the defaulting code so that the cipher's IV length is returned if
the cipher ctx doesn't support getting.

Reviewed-by: Tomas Mraz <to...@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beld...@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18875)


  Commit: 0a90577e717f76483525b2d8be6a42a9f04020d8
      
https://github.com/openssl/openssl/commit/0a90577e717f76483525b2d8be6a42a9f04020d8
  Author: Pauli <pa...@openssl.org>
  Date:   2022-08-03 (Wed, 03 Aug 2022)

  Changed paths:
    M doc/man3/EVP_EncryptInit.pod

  Log Message:
  -----------
  Note that EVP_CIPHER_get_iv_length returns negative values on error

Reviewed-by: Tomas Mraz <to...@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beld...@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18875)


Compare: https://github.com/openssl/openssl/compare/771fef7793ae...0a90577e717f
