Fix signature and semantics of EVP_{CIPHER,MD}_CTX_init() - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2024-03-02 09:55:30 +0000
committer	tb <>	2024-03-02 09:55:30 +0000
commit	4083c1a64fc21730cb59ac92344eaeeda5fd688b (patch)
tree	1a29aa5a7674f289db524ae2d0ca6b1ffb7043b3 /src/lib/libcrypto/evp/pmeth_lib.c
parent	9c25037b962e7ec9fbd5b3f3abb73f588d8d3a30 (diff)
download	openbsd-4083c1a64fc21730cb59ac92344eaeeda5fd688b.tar.gz openbsd-4083c1a64fc21730cb59ac92344eaeeda5fd688b.tar.bz2 openbsd-4083c1a64fc21730cb59ac92344eaeeda5fd688b.zip

Fix signature and semantics of EVP_{CIPHER,MD}_CTX_init()

When the EVP_CIPHER_CTX and the EVP_MD_CTX were still expected to live on the stack, these initialization APIs were wrappers around memset. In OpenSSL 1.1, somebody removed them and carelessly made _init() an alias of _reset() aka _cleanup(). As a consequence, both signature and semantics changed. Unsurprisingly, there is now code out there that actually uses the new semantics, which causes leaks on LibreSSL and older OpenSSL. This aligns our _init() with OpenSSL 1.1 semantics. ok jsing

Diffstat (limited to 'src/lib/libcrypto/evp/pmeth_lib.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: