evp/evp_enc.c: make assert error message more readable

and add EVPerr(PARTIALLY_OVERLAPPED) Reviewed-by: Stephen Henson <steve@openssl.org>
2016-07-25 15:02:26 +02:00 · 2016-07-25 15:02:26 +02:00 · 83151b73a4
commit 83151b73a4
parent e1f02308ae
3 changed files with 25 additions and 9 deletions
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@ -285,10 +285,10 @@ static int is_partially_overlapping(const void *ptr1, const void *ptr2,
     * operations are used instead of boolean to minimize number
     * of conditional branches.]
     */
-    int condition = (len > 0) & (diff != 0) & ((diff < (PTRDIFF_T)len) |
-                                               (diff > (0 - (PTRDIFF_T)len)));
-    assert(!condition);
-    return condition;
+    int overlapped = (len > 0) & (diff != 0) & ((diff < (PTRDIFF_T)len) |
+                                                (diff > (0 - (PTRDIFF_T)len)));
+    assert(!overlapped);
+    return overlapped;
 }

 int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
@ -297,8 +297,10 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
    int i, j, bl;

    if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
-        if (is_partially_overlapping(out, in, inl))
+        if (is_partially_overlapping(out, in, inl)) {
+            EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING);
            return 0;
+        }

        i = ctx->cipher->do_cipher(ctx, out, in, inl);
        if (i < 0)
@ -312,8 +314,10 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
        *outl = 0;
        return inl == 0;
    }
-    if (is_partially_overlapping(out, in, inl))
+    if (is_partially_overlapping(out, in, inl)) {
+        EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING);
        return 0;
+    }

    if (ctx->buf_len == 0 && (inl & (ctx->block_mask)) == 0) {
        if (ctx->cipher->do_cipher(ctx, out, in, inl)) {
@ -338,8 +342,10 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
            memcpy(&(ctx->buf[i]), in, j);
            inl -= j;
            in += j;
-            if (is_partially_overlapping(out, in, bl))
+            if (is_partially_overlapping(out, in, bl)) {
+	        EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING);
                return 0;
+            }
            if (!ctx->cipher->do_cipher(ctx, out, ctx->buf, bl))
                return 0;
            out += bl;
@ -417,8 +423,10 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
    unsigned int b;

    if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
-        if (is_partially_overlapping(out, in, inl))
+        if (is_partially_overlapping(out, in, inl)) {
+            EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING);
            return 0;
+        }

        fix_len = ctx->cipher->do_cipher(ctx, out, in, inl);
        if (fix_len < 0) {
@ -443,8 +451,10 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
    if (ctx->final_used) {
        /* see comment about PTRDIFF_T comparison above */
        if (((PTRDIFF_T)out == (PTRDIFF_T)in)
-            || is_partially_overlapping(out, in, b))
+            || is_partially_overlapping(out, in, b)) {
+            EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING);
            return 0;
+        }
        memcpy(out, ctx->final, b);
        out += b;
        fix_len = 1;
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@ -33,8 +33,10 @@ static ERR_STRING_DATA EVP_str_functs[] = {
    {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH),
     "EVP_CIPHER_CTX_set_key_length"},
    {ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"},
+    {ERR_FUNC(EVP_F_EVP_DECRYPTUPDATE), "EVP_DecryptUpdate"},
    {ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"},
    {ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"},
+    {ERR_FUNC(EVP_F_EVP_ENCRYPTUPDATE), "EVP_EncryptUpdate"},
    {ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"},
    {ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_size"},
    {ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"},
@ -133,6 +135,7 @@ static ERR_STRING_DATA EVP_str_reasons[] = {
    {ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
     "operation not supported for this keytype"},
    {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"},
+    {ERR_REASON(EVP_R_PARTIALLY_OVERLAPPING), "partially overlapping buffers"},
    {ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR), "private key decode error"},
    {ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"},
    {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"},
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@ -1459,8 +1459,10 @@ int ERR_load_EVP_strings(void);
 # define EVP_F_EVP_CIPHER_CTX_CTRL                        124
 # define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH              122
 # define EVP_F_EVP_DECRYPTFINAL_EX                        101
+# define EVP_F_EVP_DECRYPTUPDATE                          166
 # define EVP_F_EVP_DIGESTINIT_EX                          128
 # define EVP_F_EVP_ENCRYPTFINAL_EX                        127
+# define EVP_F_EVP_ENCRYPTUPDATE                          167
 # define EVP_F_EVP_MD_CTX_COPY_EX                         110
 # define EVP_F_EVP_MD_SIZE                                162
 # define EVP_F_EVP_OPENINIT                               102
@ -1551,6 +1553,7 @@ int ERR_load_EVP_strings(void);
 # define EVP_R_NO_OPERATION_SET                           149
 # define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE   150
 # define EVP_R_OPERATON_NOT_INITIALIZED                   151
+# define EVP_R_PARTIALLY_OVERLAPPING                      162
 # define EVP_R_PRIVATE_KEY_DECODE_ERROR                   145
 # define EVP_R_PRIVATE_KEY_ENCODE_ERROR                   146
 # define EVP_R_PUBLIC_KEY_NOT_RSA                         106