[PATCH] crypto/evp/e_des3: Fix integer overflow

[PATCH] crypto/evp/e_des3: Fix integer overflow

Yuriy Kaminskiy
Hardly practical issue (and nobody cares about 3des), but. Affects openssl >= 1.0.0.

From ad7d45569052656f158344999938d1ebcd29bce0 Mon Sep 17 00:00:00 2001
From: "Yuriy M. Kaminskiy" <[hidden email]>
Date: Sun, 22 Sep 2013 02:57:33 +0400
Subject: [PATCH] evp/e_des3: Fix integer overflow

...when processing more than 3*EVP_MAXCHUNK
Regression by b444ac3e6f04aec13aa0c19983291b0326feb7f9.
---
 crypto/evp/e_des3.c |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
index 1e69972..8d7b7de 100644
--- a/crypto/evp/e_des3.c
+++ b/crypto/evp/e_des3.c
@@ -101,7 +101,7 @@ static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
       const unsigned char *in, size_t inl)
 {
- if (inl>=EVP_MAXCHUNK)
+ while (inl>=EVP_MAXCHUNK)
  {
  DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK,
        &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
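Review bot: In des_ede_ofb_cipher, `while (inl>=EVP_MAXCHUNK)` terminates only if the braced body reduces inl, and the context shown stops at the DES_ede3_ofb64_encrypt call, so that cannot be checked from this hunk. Please confirm that the body subtracts EVP_MAXCHUNK from inl and advances in and out by the same amount after the call; with the old `if` a missing update could not hang, with `while` it becomes an endless loop.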
@@ -132,7 +132,7 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
  printf("\n");
  }
 #endif    /* KSSL_DEBUG */
- if (inl>=EVP_MAXCHUNK)
+ while (inl>=EVP_MAXCHUNK)
  {
  DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK,
      &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
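Review bot: Coverage question at the `while (inl>=EVP_MAXCHUNK)` in des_ede_cbc_cipher: the diffstat shows exactly three lines changed (OFB, CBC, CFB64), so please check that no other mode handler in e_des3.c still guards a `(long)EVP_MAXCHUNK` call with a single `if`, and name in the commit message which handlers were checked and found unaffected. That lets a later reader tell "not affected" apart from "not looked at".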
@@ -151,7 +151,7 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
       const unsigned char *in, size_t inl)
 {
- if (inl>=EVP_MAXCHUNK)
+ while (inl>=EVP_MAXCHUNK)
  {
  DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK,
        &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
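Review bot: The `while` in des_ede_cfb64_cipher has no comment saying why a loop rather than a single `if` is required, and the commit message records that this was already a regression once. A one-line comment stating that the loop must leave inl below EVP_MAXCHUNK because lengths reach the DES routines as long (as the visible `(long)EVP_MAXCHUNK` cast shows) would make the condition harder to simplify away again; the same comment fits the OFB and CBC copies.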
--

Re: [PATCH] crypto/evp/e_des3: Fix integer overflow

Andy Polyakov-2
> Hardly practical issue (and nobody cares about 3des), but. Affects openssl >= 1.0.0.

Thanks. Applied.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]