From fd1ea63f9fcababfc4d4ea38ad5dd49a76fa6023 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Mon, 20 Feb 2017 19:17:53 -0500 Subject: [PATCH] Don't call memcpy if len is zero. Prevent undefined behavior in CRYPTO_cbc128_encrypt: calling this function with the 'len' parameter being 0 would result in a memcpy where the source and destination parameters are the same, which is undefined behavior. Do same for AES_ige_encrypt. Reviewed-by: Andy Polyakov Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2671) (cherry picked from commit b1498c98f3fb5b8a340acc9ce20b0fd5346294e5) --- crypto/aes/aes_ige.c | 3 +++ crypto/modes/cbc128.c | 6 ++++++ 2 files changed, 9 insertions(+) diff --git a/crypto/aes/aes_ige.c b/crypto/aes/aes_ige.c index 9125264ed9..75f796cf3b 100644 --- a/crypto/aes/aes_ige.c +++ b/crypto/aes/aes_ige.c @@ -41,6 +41,9 @@ void AES_ige_encrypt(const unsigned char *in, unsigned char *out, size_t n; size_t len = length; + if (length == 0) + return; + OPENSSL_assert(in && out && key && ivec); OPENSSL_assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc)); OPENSSL_assert((length % AES_BLOCK_SIZE) == 0); diff --git a/crypto/modes/cbc128.c b/crypto/modes/cbc128.c index 4c9bc85eab..4ce5eb2ae3 100644 --- a/crypto/modes/cbc128.c +++ b/crypto/modes/cbc128.c @@ -22,6 +22,9 @@ void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out, size_t n; const unsigned char *iv = ivec; + if (len == 0) + return; + #if !defined(OPENSSL_SMALL_FOOTPRINT) if (STRICT_ALIGNMENT && ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) { @@ -73,6 +76,9 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out, unsigned char c[16]; } tmp; + if (len == 0) + return; + #if !defined(OPENSSL_SMALL_FOOTPRINT) if (in != out) { const unsigned char *iv = ivec; -- 2.25.1