authorjsing <>2022-09-04 15:45:25 +0000
committerjsing <>2022-09-04 15:45:25 +0000
commit0dba8d0b642d3c82e3cd754e1bf070bf7605f174 (patch)
treeba2ba0d0fb3b66a11531af5f3a417e903e75a241 /src/lib/libcrypto/evp/e_rc2.c
parent0ace47e359750ce9915e94dedcd1129b9d8017fe (diff)
Add bounds checks for various EVP cipher implementations.
The EVP cipher API uses size_t, however a number of the underlying implementations use long in their API. This means that an input with size > LONG_MAX will go negative. Found by Coverity, hiding under a large pile of macros. ok tb@
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/evp/e_rc2.c15
1 files changed, 14 insertions, 1 deletions
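diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c
index 6567e75b0c..72e582d5e0 100644
--- a/src/lib/libcrypto/evp/e_rc2.c
+++ b/src/lib/libcrypto/evp/e_rc2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_rc2.c,v 1.16 2022/09/04 13:55:39 jsing Exp $ */
+/* $OpenBSD: e_rc2.c,v 1.17 2022/09/04 15:45:25 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -56,6 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
+#include <limits.h>
 #include <stdio.h>
 
 #include <openssl/opensslconf.h>
@@ -87,6 +88,9 @@ typedef struct {
 static int
 rc2_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
 {
+ if (inl > LONG_MAX)
+ return 0;
+
  while (inl >= EVP_MAXCHUNK) {
  RC2_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
  inl -= EVP_MAXCHUNK;
@@ -105,6 +109,9 @@ rc2_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *i
 {
  size_t chunk = EVP_MAXCHUNK;
 
+ if (inl > LONG_MAX)
+ return 0;
+
  if (inl < chunk)
  chunk = inl;
 
@@ -125,6 +132,9 @@ rc2_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
 {
  size_t i, bl;
 
+ if (inl > LONG_MAX)
+ return 0;
+
  bl = ctx->cipher->block_size;
 
  if (inl < bl)
@@ -141,6 +151,9 @@ rc2_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
 static int
 rc2_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
 {
+ if (inl > LONG_MAX)
+ return 0;
+
  while (inl >= EVP_MAXCHUNK) {
  RC2_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
  inl -= EVP_MAXCHUNK;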
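Review bot: The four added `if (inl > LONG_MAX) return 0;` guards in rc2_cbc_cipher, rc2_cfb64_cipher, rc2_ecb_cipher and rc2_ofb_cipher carry no comment, so the reason for the LONG_MAX bound lives only in the commit message. A one-line comment above each guard, such as `/* RC2_*() take a long length; a size_t above LONG_MAX would go negative when cast. */`, would keep a later cleanup from deleting the check as dead code. In the cbc and ofb hunks the visible loop only ever casts EVP_MAXCHUNK, so whether the guard is needed there depends on the tail call and on EVP_MAXCHUNK's definition, both outside the hunks; this is worth confirming, because the guard may also turn oversize inputs the chunk loop could handle into a hard failure. Each guard returns 0 without recording an error, so a caller cannot tell this rejection from any other cipher failure.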