diff options
| -rw-r--r-- | src/lib/libcrypto/evp/e_aes.c | 9 | ||||
| -rw-r--r-- | src/lib/libcrypto/evp/e_rc4_hmac_md5.c | 4 |
2 files changed, 10 insertions, 3 deletions
diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c index 71a18363f1..97cb5154a5 100644 --- a/src/lib/libcrypto/evp/e_aes.c +++ b/src/lib/libcrypto/evp/e_aes.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: e_aes.c,v 1.32 2017/01/29 17:49:23 beck Exp $ */ | 1 | /* $OpenBSD: e_aes.c,v 1.33 2017/01/31 13:17:21 inoguchi Exp $ */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| @@ -807,11 +807,16 @@ aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) | |||
| 807 | c->buf[arg - 1]; | 807 | c->buf[arg - 1]; |
| 808 | 808 | ||
| 809 | /* Correct length for explicit IV */ | 809 | /* Correct length for explicit IV */ |
| 810 | if (len < EVP_GCM_TLS_EXPLICIT_IV_LEN) | ||
| 811 | return 0; | ||
| 810 | len -= EVP_GCM_TLS_EXPLICIT_IV_LEN; | 812 | len -= EVP_GCM_TLS_EXPLICIT_IV_LEN; |
| 811 | 813 | ||
| 812 | /* If decrypting correct for tag too */ | 814 | /* If decrypting correct for tag too */ |
| 813 | if (!c->encrypt) | 815 | if (!c->encrypt) { |
| 816 | if (len < EVP_GCM_TLS_TAG_LEN) | ||
| 817 | return 0; | ||
| 814 | len -= EVP_GCM_TLS_TAG_LEN; | 818 | len -= EVP_GCM_TLS_TAG_LEN; |
| 819 | } | ||
| 815 | c->buf[arg - 2] = len >> 8; | 820 | c->buf[arg - 2] = len >> 8; |
| 816 | c->buf[arg - 1] = len & 0xff; | 821 | c->buf[arg - 1] = len & 0xff; |
| 817 | } | 822 | } |
diff --git a/src/lib/libcrypto/evp/e_rc4_hmac_md5.c b/src/lib/libcrypto/evp/e_rc4_hmac_md5.c index a1fc0066e6..ac73361fa3 100644 --- a/src/lib/libcrypto/evp/e_rc4_hmac_md5.c +++ b/src/lib/libcrypto/evp/e_rc4_hmac_md5.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: e_rc4_hmac_md5.c,v 1.7 2016/11/05 10:47:57 miod Exp $ */ | 1 | /* $OpenBSD: e_rc4_hmac_md5.c,v 1.8 2017/01/31 13:17:21 inoguchi Exp $ */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 2011 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 2011 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| @@ -262,6 +262,8 @@ rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) | |||
| 262 | unsigned int len = p[arg - 2] << 8 | p[arg - 1]; | 262 | unsigned int len = p[arg - 2] << 8 | p[arg - 1]; |
| 263 | 263 | ||
| 264 | if (!ctx->encrypt) { | 264 | if (!ctx->encrypt) { |
| 265 | if (len < MD5_DIGEST_LENGTH) | ||
| 266 | return -1; | ||
| 265 | len -= MD5_DIGEST_LENGTH; | 267 | len -= MD5_DIGEST_LENGTH; |
| 266 | p[arg - 2] = len >> 8; | 268 | p[arg - 2] = len >> 8; |
| 267 | p[arg - 1] = len; | 269 | p[arg - 1] = len; |