openssl/crypto
Guido Vranken fc4c034ee8 Enforce a strict output length check in CRYPTO_ccm128_tag
Return error if the output tag buffer size doesn't match
the tag size exactly. This prevents the caller from
using that portion of the tag buffer that remains
uninitialized after an otherwise successful call to
CRYPTO_ccm128_tag.

Bug found by OSS-Fuzz.

Fix suggested by Kurt Roeckx.

Signed-off-by: Guido Vranken <guidovranken@gmail.com>

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8810)

(cherry picked from commit 514c9da48b)
2019-04-25 11:00:39 +01:00
..
aes PPC assembly pack: fix copy-paste error in CTR mode 2019-03-18 20:07:57 +10:00
aria Fix potential null problem. 2017-09-01 09:30:18 +10:00
asn1 Update copyright year 2019-02-26 14:05:09 +00:00
async arch/async_posix.h: improve portability. 2018-10-19 10:31:04 +02:00
bf Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
bio Add testing of RDONLY memory BIOs 2019-04-16 10:55:36 +01:00
blake2 fix truncation of integers on 32bit AIX 2019-03-11 14:47:00 +01:00
bn Fix compiling error for mips32r6 and mips64r6 2019-03-19 07:37:45 +01:00
buffer Update copyright year 2018-04-03 13:57:12 +01:00
camellia Update copyright year 2018-09-11 13:45:17 +01:00
cast Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
chacha deps: add s390 asm rules for OpenSSL-1.1.1 2019-03-01 08:41:26 +01:00
cmac Update copyright year 2018-04-17 15:18:40 +02:00
cms Update copyright year 2019-02-26 14:05:09 +00:00
comp Fix last(?) batch of malloc-NULL places 2018-04-26 14:02:24 -04:00
conf OPENSSL_config(): restore error agnosticism 2019-03-20 14:25:43 +01:00
ct Use secure_getenv(3) when available. 2018-09-24 11:22:22 +10:00
des Update copyright year 2019-02-26 14:05:09 +00:00
dh Increase rounds of Miller-Rabin testing DH_check 2019-03-27 15:03:55 +00:00
dsa Added NULL check to BN_clear() & BN_CTX_end() 2019-03-19 07:28:39 +01:00
dso Rework DSO API conditions and configuration option 2019-04-10 07:50:17 +02:00
ec Don't use coordinate blinding when scalar is group order 2019-04-14 11:27:00 +02:00
engine Update copyright year 2019-02-26 14:05:09 +00:00
err Make err_clear_constant_time really constant time 2019-03-22 14:24:48 +01:00
evp EVP_*Update: ensure that input NULL with length 0 isn't passed 2019-04-10 07:53:32 +02:00
hmac Don't allow SHAKE128/SHAKE256 with HMAC 2019-03-27 14:37:22 +00:00
idea Remove parentheses of return. 2017-10-18 16:05:06 +01:00
include/internal Rework DSO API conditions and configuration option 2019-04-10 07:50:17 +02:00
kdf Reset the HKDF state between operations 2018-10-29 14:11:40 +00:00
lhash Update copyright year 2018-09-11 13:45:17 +01:00
md2 Remove parentheses of return. 2017-10-18 16:05:06 +01:00
md4 Remove parentheses of return. 2017-10-18 16:05:06 +01:00
md5 Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
mdc2 Remove parentheses of return. 2017-10-18 16:05:06 +01:00
modes Enforce a strict output length check in CRYPTO_ccm128_tag 2019-04-25 11:00:39 +01:00
objects Update generator copyright year. 2019-01-07 13:53:24 -05:00
ocsp Make OCSP_id_cmp and OCSP_id_issuer_cmp accept const params 2019-03-28 10:00:11 +00:00
pem Fix the allocation size in EVP_OpenInit and PEM_SignFinal 2019-04-06 10:20:10 +02:00
perlasm Update copyright year 2019-02-26 14:05:09 +00:00
pkcs7 Update copyright year 2018-09-11 13:45:17 +01:00
pkcs12 Use secure_getenv(3) when available. 2018-09-24 11:22:22 +10:00
poly1305 deps: add s390 asm rules for OpenSSL-1.1.1 2019-03-01 08:41:26 +01:00
rand Revert "crypto/rand/rand_win.c: include "e_os.h" to get the default _WIN32_WINNT" 2019-04-02 14:50:33 +02:00
rc2 Remove email addresses from source code. 2017-10-13 10:06:59 -04:00
rc4 deps: add s390 asm rules for OpenSSL-1.1.1 2019-03-01 08:41:26 +01:00
rc5 Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
ripemd Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
rsa Avoid creating invalid rsa pss params 2019-04-10 20:24:57 +02:00
seed Update copyright year 2018-09-11 13:45:17 +01:00
sha fix truncation of integers on 32bit AIX 2019-03-11 14:47:00 +01:00
siphash Fix SipHash init order. 2018-11-12 07:16:58 +01:00
sm2 EVP module documentation pass 2018-10-17 13:31:59 +03:00
sm3 SM3: restructure to EVP internal and update doc to right location 2017-11-06 07:21:15 +08:00
sm4 SM4: Add SM4 block cipher to EVP 2017-10-31 15:19:14 +10:00
srp Update copyright year 2019-02-26 14:05:09 +00:00
stack Revert "stack/stack.c: omit redundant NULL checks." 2018-08-09 14:37:10 +01:00
store crypto/*: address standard-compliance nits. 2018-07-20 13:40:30 +02:00
ts Check conversion return in ASN1_INTEGER_print_bio. 2018-07-31 11:37:05 +10:00
txt_db Update copyright year 2018-04-03 13:57:12 +01:00
ui Update copyright year 2019-02-26 14:05:09 +00:00
whrlpool Harmonize the make variables across all known platforms families 2018-02-14 17:13:53 +01:00
x509 Fix crash in X509_STORE_CTX_get_by_subject 2019-04-09 10:31:20 +01:00
x509v3 Update copyright year 2018-09-11 13:45:17 +01:00
alphacpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
arm64cpuid.pl {arm64|x86_64}cpuid.pl: add special 16-byte case to OPENSSL_memcmp. 2018-06-03 21:15:18 +02:00
arm_arch.h Fix building linux-armv4 with --strict-warnings 2018-04-20 15:49:33 +02:00
armcap.c Update copyright year 2019-02-26 14:05:09 +00:00
armv4cpuid.pl Update copyright year 2018-05-01 13:34:30 +01:00
build.info Use secure_getenv(3) when available. 2018-09-24 11:22:22 +10:00
c64xpluscpuid.pl Many spelling fixes/typo's corrected. 2017-11-11 19:03:10 -05:00
cpt_err.c Fix last(?) batch of malloc-NULL places 2018-04-26 14:02:24 -04:00
cryptlib.c Update copyright year 2019-02-26 14:05:09 +00:00
ctype.c Check for EOF in ASCII conversions. 2017-08-25 06:42:17 +10:00
cversion.c Fix SOURCE_DATE_EPOCH bug; use UTC 2017-11-27 14:34:14 -05:00
dllmain.c Update copyright year 2018-09-11 13:45:17 +01:00
ebcdic.c Remove email addresses from source code. 2017-10-13 10:06:59 -04:00
ex_data.c Ensure the thread keys are always allocated in the same order 2018-04-20 15:45:06 +02:00
getenv.c Use secure_getenv(3) when available. 2018-09-24 11:22:22 +10:00
ia64cpuid.S Fix typo in files in crypto folder 2017-08-05 20:42:06 +02:00
init.c Rework DSO API conditions and configuration option 2019-04-10 07:50:17 +02:00
LPdir_nyi.c Fix typo (note by oneton@users.github) 2017-06-20 08:15:00 -04:00
LPdir_unix.c typo-fixes: miscellaneous typo fixes 2018-09-21 23:59:02 +02:00
LPdir_vms.c Fix typo (note by oneton@users.github) 2017-06-20 08:15:00 -04:00
LPdir_win.c Fix typo (note by oneton@users.github) 2017-06-20 08:15:00 -04:00
LPdir_win32.c Fix typo (note by oneton@users.github) 2017-06-20 08:15:00 -04:00
LPdir_wince.c Fix typo (note by oneton@users.github) 2017-06-20 08:15:00 -04:00
mem.c crypto/mem.c: switch to tsan_assist.h in CRYPTO_MDEBUG. 2018-08-07 09:08:50 +02:00
mem_clr.c Fix some style issues... 2016-08-02 09:59:23 +02:00
mem_dbg.c Update copyright year 2018-02-13 13:59:25 +00:00
mem_sec.c test/secmemtest: test secure memory only if it is implemented 2018-10-05 12:23:34 +02:00
mips_arch.h Fix compiling error for mips32r6 and mips64r6 2019-03-19 07:37:45 +01:00
o_dir.c Move e_os.h to be the very first include. 2017-08-30 07:20:44 +10:00
o_fips.c Clean up references to FIPS 2017-02-28 15:26:25 +01:00
o_fopen.c Add missing include file. 2018-09-17 12:54:20 +10:00
o_init.c Use "" not <> on e_os.h include 2017-08-22 11:07:56 -04:00
o_str.c openssl_strerror_r: Fix handling of GNU strerror_r 2019-03-04 10:11:05 +00:00
o_time.c Update copyright year 2018-04-03 13:57:12 +01:00
pariscid.pl PA-RISC assembly pack: make it work with GNU assembler for HP-UX. 2018-06-25 16:45:48 +02:00
ppc_arch.h Update copyright year 2019-02-26 14:05:09 +00:00
ppccap.c Update copyright year 2019-02-26 14:05:09 +00:00
ppccpuid.pl Update copyright year 2019-02-26 14:05:09 +00:00
s390x_arch.h s390x assembly pack: add KIMD/KLMD code path for sha3/shake 2018-08-06 12:04:52 +02:00
s390xcap.c s390x assembly pack: extend s390x capability vector. 2017-10-30 14:31:32 +01:00
s390xcpuid.pl s390x assembly pack: add KIMD/KLMD code path for sha3/shake 2018-08-06 12:04:52 +02:00
sparc_arch.h Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
sparccpuid.S Clean up references to FIPS 2017-02-28 15:26:25 +01:00
sparcv9cap.c Create a prototype for OPENSSL_rdtsc 2017-11-25 14:30:11 +01:00
threads_none.c crypto/threads_*: remove CRYPTO_atomic_{read|write}. 2018-08-17 12:40:39 +02:00
threads_pthread.c crypto/threads_*: remove CRYPTO_atomic_{read|write}. 2018-08-17 12:40:39 +02:00
threads_win.c Avoid linking error for InitializeCriticalSectionAndSpinCount(). 2019-03-29 10:02:06 +00:00
uid.c Update copyright year 2019-02-26 14:05:09 +00:00
vms_rms.h Copyright consolidation 09/10 2016-05-17 14:53:16 -04:00
x86_64cpuid.pl {arm64|x86_64}cpuid.pl: add special 16-byte case to OPENSSL_memcmp. 2018-06-03 21:15:18 +02:00
x86cpuid.pl Fix issues in ia32 RDRAND asm leading to reduced entropy 2018-03-08 10:27:49 -05:00