CVSROOT: /cvs
Module name: src
Changes by: t...@cvs.openbsd.org 2019/04/03 09:33:37
Modified files:
lib/libcrypto/evp: e_aes_cbc_hmac_sha1.c
Log message:
Avoid some out of bound accesses in aesni_cbc_hmac_sha1_cipher().
The plen variable can be NO_PAYLOAD_LENGTH == (size_t)-1, so doing
tls_aad[plen-4] is no good. Also check that the length of the AAD
set via the control interface is equal to 13 since the whole file
is written with that case in mind.
Note that we no longer use this code in LibreSSL/OpenBSD. We
eliminated the use of these control interfaces and stitched cipher
modes in libssl a while ago.
Problem found by Guido Vranken with his cryptofuzz - thanks!
input & ok beck, jsing
