From: Dr. Stephen Henson <steve@openssl.org>
Date: Tue, 26 Jul 2016 15:51:49 +0000 (+0100)
Subject: Set error if EVP_CipherUpdate fails.
X-Git-Tag: OpenSSL_1_0_2i~102
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=97a7b2ebd97fcacbf354de22496f4d19eb81e515;p=oweals%2Fopenssl.git

Set error if EVP_CipherUpdate fails.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit ee6ce5cc368574c0b0b470e61ee2f82a0efadbb7)

Conflicts:
	crypto/evp/bio_enc.c
---

diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c
index 363e0246ae..590f236e8f 100644
--- a/crypto/evp/bio_enc.c
+++ b/crypto/evp/bio_enc.c
@@ -201,9 +201,14 @@ static int enc_read(BIO *b, char *out, int outl)
                 break;
             }
         } else {
-            EVP_CipherUpdate(&(ctx->cipher),
-                             (unsigned char *)ctx->buf, &ctx->buf_len,
-                             (unsigned char *)&(ctx->buf[BUF_OFFSET]), i);
+            if (!EVP_CipherUpdate(&ctx->cipher,
+                                  (unsigned char *)ctx->buf, &ctx->buf_len,
+                                  (unsigned char *)&(ctx->buf[BUF_OFFSET]),
+                                  i)) {
+                BIO_clear_retry_flags(b);
+                ctx->ok = 0;
+                return 0;
+            }
             ctx->cont = 1;
             /*
              * Note: it is possible for EVP_CipherUpdate to decrypt zero