projects
/
oweals
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
check length sanity before correcting in EVP_CTRL_AEAD_TLS1_AAD
[oweals/openssl.git]
/
crypto
/
evp
/
e_aes_cbc_hmac_sha1.c
diff --git
a/crypto/evp/e_aes_cbc_hmac_sha1.c
b/crypto/evp/e_aes_cbc_hmac_sha1.c
index a3c8951f5c0acac524625b17cbbd9cd504f7d087..3721751c8033e9bc1d320c7581402eb8956fba86 100644
(file)
--- a/
crypto/evp/e_aes_cbc_hmac_sha1.c
+++ b/
crypto/evp/e_aes_cbc_hmac_sha1.c
@@
-809,6
+809,8
@@
static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
key->payload_length = len;
if ((key->aux.tls_ver =
p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
+ if (len < AES_BLOCK_SIZE)
+ return 0;
len -= AES_BLOCK_SIZE;
p[arg - 2] = len >> 8;
p[arg - 1] = len;