EVP_*Update: ensure that input NULL with length 0 isn't passed
authorRichard Levitte <levitte@openssl.org>
Thu, 4 Apr 2019 23:22:14 +0000 (01:22 +0200)
committerRichard Levitte <levitte@openssl.org>
Wed, 10 Apr 2019 05:53:32 +0000 (07:53 +0200)
commit130b7df2db7d35af75ddf56046afdd1a57a2aea8
treef7f9e3a53164d1d53ba6d58e8e65def3d45f0c7a
parent5fba3afad01707f4a8856a35500de007a8a256ec
EVP_*Update: ensure that input NULL with length 0 isn't passed

Even with custome ciphers, the combination in == NULL && inl == 0
should not be passed down to the backend cipher function.  The reason
is that these are the values passed by EVP_*Final, and some of the
backend cipher functions do check for these to see if a "final" call
is made.

Fixes #8675

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8676)

(cherry picked from commit dcb982d792d6064ed3493e79749208d8c257ff04)
crypto/evp/evp_enc.c