mirror of
https://github.com/openssl/openssl.git
synced 2025-01-18 13:44:20 +08:00
Don't access memory before checking the correct length in aesni_cbc_hmac_sha256_ctrl in case EVP_CTRL_AEAD_TLS1_AAD.
Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3023)
This commit is contained in:
parent
643a358042
commit
1b6f5a4d3b
@ -777,11 +777,13 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
|
||||
case EVP_CTRL_AEAD_TLS1_AAD:
|
||||
{
|
||||
unsigned char *p = ptr;
|
||||
unsigned int len = p[arg - 2] << 8 | p[arg - 1];
|
||||
unsigned int len;
|
||||
|
||||
if (arg != EVP_AEAD_TLS1_AAD_LEN)
|
||||
return -1;
|
||||
|
||||
len = p[arg - 2] << 8 | p[arg - 1];
|
||||
|
||||
if (EVP_CIPHER_CTX_encrypting(ctx)) {
|
||||
key->payload_length = len;
|
||||
if ((key->aux.tls_ver =
|
||||
|
Loading…
Reference in New Issue
Block a user