openssl-1_1/openssl-dont-pass-zero-length-input-to-EVP_Cipher.patch

---
 crypto/evp/e_aes.c |    3 +++
 1 file changed, 3 insertions(+)

--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -2742,6 +2742,9 @@ static int aes_cbc_cipher(EVP_CIPHER_CTX
 {
     EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx);
 
+    if (!len)
+        return 1;
+
     if (dat->stream.cbc)
         (*dat->stream.cbc) (in, out, len, &dat->ks,
                             EVP_CIPHER_CTX_iv_noconst(ctx),
Accepting request 1100559 from home:ohollmann:branches:security:tls - Dont pass zero length input to EVP_Cipher because assembler optimized AES cannot handle zero size. [bsc#1213517] * Add openssl-dont-pass-zero-length-input-to-EVP_Cipher.patch OBS-URL: https://build.opensuse.org/request/show/1100559 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=140 2023-07-25 10:04:18 +02:00			`---`
			`crypto/evp/e_aes.c \| 3 +++`
			`1 file changed, 3 insertions(+)`

			`--- a/crypto/evp/e_aes.c`
			`+++ b/crypto/evp/e_aes.c`
			`@@ -2742,6 +2742,9 @@ static int aes_cbc_cipher(EVP_CIPHER_CTX`
			`{`
			`EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx);`

			`+ if (!len)`
			`+ return 1;`
			`+`
			`if (dat->stream.cbc)`
			`(*dat->stream.cbc) (in, out, len, &dat->ks,`
			`EVP_CIPHER_CTX_iv_noconst(ctx),`