From d4d89a076262aa118c07a4766daf17202aef17f0 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Fri, 24 May 2019 17:35:04 -0400 Subject: [PATCH] Fix input checks wrt legacy code In all legacy code ctx->cipher is dereferenced without checks, so it makes no sense to jump there is ctx->cipher is NULL as it will just lead to a crash. Catch it separately and return an error. This is simlar to the fix in d2c2e49eab69c7446c1c2c7227f63f8618ca99a5 Signed-off-by: Simo Sorce Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/9002) --- crypto/evp/evp_enc.c | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index b3e97d005d..02f0e00563 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -587,7 +587,12 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, return 0; } - if (ctx->cipher == NULL || ctx->cipher->prov == NULL) + if (ctx->cipher == NULL) { + EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_NO_CIPHER_SET); + return 0; + } + + if (ctx->cipher->prov == NULL) goto legacy; blocksize = EVP_CIPHER_CTX_block_size(ctx); @@ -831,7 +836,12 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) return 0; } - if (ctx->cipher == NULL || ctx->cipher->prov == NULL) + if (ctx->cipher == NULL) { + EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_NO_CIPHER_SET); + return 0; + } + + if (ctx->cipher->prov == NULL) goto legacy; blocksize = EVP_CIPHER_CTX_block_size(ctx); @@ -858,11 +868,6 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) legacy: *outl = 0; - if (ctx->cipher == NULL) { - EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_NO_CIPHER_SET); - return 0; - } - if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) { i = ctx->cipher->do_cipher(ctx, out, NULL, 0); if (i < 0) -- 2.25.1