Hardly a practical issue (and nobody cares about 3DES), but still. Affects OpenSSL >= 1.0.0.
>From ad7d45569052656f158344999938d1ebcd29bce0 Mon Sep 17 00:00:00 2001
From: "Yuriy M. Kaminskiy" <yum...@gmail.com>
Date: Sun, 22 Sep 2013 02:57:33 +0400
Subject: [PATCH] evp/e_des3: Fix integer overflow
...when processing more than 3*EVP_MAXCHUNK Regression by b444ac3e6f04aec13aa0c19983291b0326feb7f9.
---
 crypto/evp/e_des3.c | 6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
index 1e69972..8d7b7de 100644
--- a/crypto/evp/e_des3.c
+++ b/crypto/evp/e_des3.c
@@ -101,7 +101,7 @@ static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 const unsigned char *in, size_t inl)
 {
- if (inl>=EVP_MAXCHUNK)
+ while (inl>=EVP_MAXCHUNK)
 {
 DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK,
 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
@@ -132,7 +132,7 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 printf("\n");
 }
 #endif /* KSSL_DEBUG */
- if (inl>=EVP_MAXCHUNK)
+ while (inl>=EVP_MAXCHUNK)
 {
 DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK,
 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
@@ -151,7 +151,7 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 const unsigned char *in, size_t inl)
 {
- if (inl>=EVP_MAXCHUNK)
+ while (inl>=EVP_MAXCHUNK)
 {
 DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK,
 &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
--
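Review bot: The new `while (inl>=EVP_MAXCHUNK)` in des_ede_ofb_cipher (and the identical lines in des_ede_cbc_cipher and des_ede_cfb64_cipher) has no comment explaining why the input must be chunked, which may be how the earlier `if` got in as a regression. I would add above each loop `/* DES_ede3_* take a long length: consume inl in EVP_MAXCHUNK pieces so the remainder cast to long below cannot overflow */`. The loop bodies and the tail call lie outside the hunks, so confirm that each body subtracts EVP_MAXCHUNK from `inl` and advances `in`/`out`; otherwise the new loop would not terminate. The patch touches three callbacks, so any other callback in this file that splits its input with the same single `if` would presumably need the same change.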