From 236a99a40994fc323c6afd30f34e9724a05edfb6 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 27 Feb 2012 15:22:54 +0000 Subject: [PATCH] Detect symmetric crypto errors in PKCS7_decrypt. Thanks to Ivan Nestlerode for reporting this bug. --- crypto/pkcs7/pk7_smime.c | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c index 86742d0dcd..0ed0feae5d 100644 --- a/crypto/pkcs7/pk7_smime.c +++ b/crypto/pkcs7/pk7_smime.c @@ -573,15 +573,30 @@ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags) return 0; } ret = SMIME_text(bread, data); + if (ret > 0 && BIO_method_type(tmpmem) == BIO_TYPE_CIPHER) + { + if (!BIO_get_cipher_status(tmpmem)) + ret = 0; + } BIO_free_all(bread); return ret; } else { for(;;) { i = BIO_read(tmpmem, buf, sizeof(buf)); - if(i <= 0) break; + if(i <= 0) + { + ret = 1; + if (BIO_method_type(tmpmem) == BIO_TYPE_CIPHER) + { + if (!BIO_get_cipher_status(tmpmem)) + ret = 0; + } + + break; + } BIO_write(data, buf, i); } BIO_free_all(tmpmem); - return 1; + return ret; } } -- 2.25.1