Fix usage of custom EVP_CIPHER objects

If a custom EVP_CIPHER object has been passed to EVP_CipherInit() then it should be used in preference to a fetched cipher. We also fix a possible NULL pointer deref in the same code for digests. If the custom cipher passed to EVP_CipherInit() happens to use NID_undef (which should be a discouraged practice), then in the previous implementation this could result in the NULL cipher being fetched and hence NULL encryption being unexpectedly used. CVE-2022-3358 Fixes #18970 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19300)
2025-01-24 13:55:42 +08:00 · 2022-08-10 15:31:00 +01:00 · 2022-08-10 15:31:00 +01:00 · 25d47cccf2
commit 25d47cccf2
parent fcae2ae4f6
2 changed files with 7 additions and 4 deletions
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@ -230,11 +230,12 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type,
 # endif
 #endif
            || (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) != 0
-            || type->origin == EVP_ORIG_METH) {
+            || (type != NULL && type->origin == EVP_ORIG_METH)
+            || (type == NULL && ctx->digest != NULL
+                             && ctx->digest->origin == EVP_ORIG_METH)) {
        /* If we were using provided hash before, cleanup algctx */
        if (!evp_md_ctx_free_algctx(ctx))
            return 0;
-
        if (ctx->digest == ctx->fetched_digest)
            ctx->digest = NULL;
        EVP_MD_free(ctx->fetched_digest);
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@ -144,7 +144,10 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx,
 #if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
            || tmpimpl != NULL
 #endif
-            || impl != NULL) {
+            || impl != NULL
+            || (cipher != NULL && cipher->origin == EVP_ORIG_METH)
+            || (cipher == NULL && ctx->cipher != NULL
+                               && ctx->cipher->origin == EVP_ORIG_METH)) {
        if (ctx->cipher == ctx->fetched_cipher)
            ctx->cipher = NULL;
        EVP_CIPHER_free(ctx->fetched_cipher);
@ -160,7 +163,6 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx,
        ctx->cipher_data = NULL;
    }

-
    /* Start of non-legacy code below */

    /* Ensure a context left lying around from last time is cleared */