Avoid some out of bound accesses in aesni_cbc_hmac_sha1_cipher(). - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2019-04-03 15:33:37 +0000
committer	tb <>	2019-04-03 15:33:37 +0000
commit	0974fba21e49535e60936c798269b670d2ed764a (patch)
tree	8077e8ba614ed3a964beb415a20d1db8a87aecc9 /src/lib/libssl/ssl_algs.c
parent	cd6dd381f1ef67941eda5e6ff9f13348a913adfb (diff)
download	openbsd-0974fba21e49535e60936c798269b670d2ed764a.tar.gz openbsd-0974fba21e49535e60936c798269b670d2ed764a.tar.bz2 openbsd-0974fba21e49535e60936c798269b670d2ed764a.zip

Avoid some out of bound accesses in aesni_cbc_hmac_sha1_cipher().

The plen variable can be NO_PAYLOAD_LENGTH == (size_t)-1, so doing tls_aad[plen-4] is no good. Also check that the length of the AAD set via the control interface is equal to 13 since the whole file is written with that case in mind. Note that we no longer use this code in LibreSSL/OpenBSD. We eliminated the use of these control interfaces and stitched cipher modes in libssl a while ago. Problem found by Guido Vranken with his cryptofuzz - thanks! input & ok beck, jsing

Diffstat (limited to 'src/lib/libssl/ssl_algs.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: