Fix Issue OSS-Fuzz: Branch on uninitialized memory (in ccm code).

This would also happen for aes-ccm. There was one branch path where it just returned 1
without setting *padlen. It now branches so that the value is set to 0.

Fixes #9691

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/9692)
Shane Lontis 2019-08-25 17:10:48 +10:00
parent f3b8d77f99
commit 37a830e729


@ -349,7 +349,7 @@ static int ccm_cipher_internal(PROV_CCM_CTX *ctx, unsigned char *out,
/* EVP_*Final() doesn't return any data */
if (in == NULL && out != NULL)
return 1;
goto finish;
if (!ctx->iv_set)
goto err;
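
Review bot: The `goto finish` taken when `in == NULL && out != NULL` bypasses the `olen = len;` assignment that sits just before the label, so the value written by `*padlen = olen` on this path depends on how `olen` is declared, and that declaration is not part of this hunk. Since the commit message promises the value is set to 0, please confirm `olen` is initialized to 0 at its declaration, or set it explicitly in this branch before the jump so the guarantee is visible where it matters.
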
@ -388,6 +388,7 @@ static int ccm_cipher_internal(PROV_CCM_CTX *ctx, unsigned char *out,
}
}
olen = len;
finish:
rv = 1;
err:
*padlen = olen;
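
Review bot: `finish:` falls straight through into `err:`, so `*padlen = olen` is now the shared exit for both success and failure, while the label name still reads as error-only. A short comment at `err:` saying that `*padlen` is written on every exit, or a more neutral label name, would make that intent clear to the next reader. A regression test that makes the Final call with `in == NULL` and checks the returned length would also keep this uninitialized read from coming back.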