Avoid some out of bound accesses in aesni_cbc_hmac_sha1_cipher(). - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2019-04-03 15:33:37 +0000
committer	tb <>	2019-04-03 15:33:37 +0000
commit	1292146bda904a7983b666fdf116ea07699d00e6 (patch)
tree	8077e8ba614ed3a964beb415a20d1db8a87aecc9 /src/lib/libssl/s3_lib.c
parent	453060073ca204b0494e6a26765f826e02733527 (diff)
download	openbsd-1292146bda904a7983b666fdf116ea07699d00e6.tar.gz openbsd-1292146bda904a7983b666fdf116ea07699d00e6.tar.bz2 openbsd-1292146bda904a7983b666fdf116ea07699d00e6.zip

Avoid some out of bound accesses in aesni_cbc_hmac_sha1_cipher().

The plen variable can be NO_PAYLOAD_LENGTH == (size_t)-1, so doing tls_aad[plen-4] is no good. Also check that the length of the AAD set via the control interface is equal to 13 since the whole file is written with that case in mind. Note that we no longer use this code in LibreSSL/OpenBSD. We eliminated the use of these control interfaces and stitched cipher modes in libssl a while ago. Problem found by Guido Vranken with his cryptofuzz - thanks! input & ok beck, jsing

Diffstat (limited to 'src/lib/libssl/s3_lib.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: