From: Bernd Edlinger Date: Tue, 2 Jun 2020 09:52:24 +0000 (+0200) Subject: Fix a buffer overflow in drbg_ctr_generate X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=e6a80cbad28ee748830815634917efe96948f2f3;p=oweals%2Fopenssl.git Fix a buffer overflow in drbg_ctr_generate This can happen if the 32-bit counter overflows and the last block is not a multiple of 16 bytes. Fixes #12012 [extended tests] Reviewed-by: Tomas Mraz Reviewed-by: Patrick Steuer Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/12016) (cherry picked from commit 42fa3e66697baa121220b4eacf03607280e4ff89) --- diff --git a/crypto/rand/drbg_ctr.c b/crypto/rand/drbg_ctr.c index 89c9ccc876..a757d0a258 100644 --- a/crypto/rand/drbg_ctr.c +++ b/crypto/rand/drbg_ctr.c @@ -367,9 +367,11 @@ __owur static int drbg_ctr_generate(RAND_DRBG *drbg, ctr32 = GETU32(ctr->V + 12) + blocks; if (ctr32 < blocks) { /* 32-bit counter overflow into V. */ - blocks -= ctr32; - buflen = blocks * 16; - ctr32 = 0; + if (ctr32 != 0) { + blocks -= ctr32; + buflen = blocks * 16; + ctr32 = 0; + } ctr96_inc(ctr->V); } PUTU32(ctr->V + 12, ctr32);