mirror of
https://github.com/openssl/openssl.git
synced 2024-12-21 06:09:35 +08:00
d23adad113
EVP_CIPHER_CTX_set_keylen() was succeeding even though a bad key length is passed to it. This is because the set_ctx_params() were all accepting this parameter and blindly changing the keylen even though the cipher did not accept a variable key length. Even removing this didn't entirely resolve the issue because set_ctx_params() functions succeed even if passed a parameter they do not recognise. This should fix various issues found by OSSfuzz/Cryptofuzz. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10449) |
||
---|---|---|
.. | ||
ciphers | ||
digests | ||
include/prov | ||
build.info | ||
nid_to_name.c | ||
provider_err.c | ||
provider_util.c |