pool/openssl-1_1
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
f67c9ebf89
openssl-1_1/openssl-dont-pass-zero-length-input-to-EVP_Cipher.patch
Otto Hollmann a620e0aeaf Accepting request 1100559 from home:ohollmann:branches:security:tls 
- Dont pass zero length input to EVP_Cipher because assembler
  optimized AES cannot handle zero size. [bsc#1213517]
  * Add openssl-dont-pass-zero-length-input-to-EVP_Cipher.patch

OBS-URL: https://build.opensuse.org/request/show/1100559
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=140
2023-07-25 08:04:18 +00:00

17 lines
416 B
Diff
Raw Blame History

---
crypto/evp/e_aes.c | 3 +++
1 file changed, 3 insertions(+)
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -2742,6 +2742,9 @@ static int aes_cbc_cipher(EVP_CIPHER_CTX
{
EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx);
+ if (!len)
+ return 1;
+
if (dat->stream.cbc)
(*dat->stream.cbc) (in, out, len, &dat->ks,
EVP_CIPHER_CTX_iv_noconst(ctx),
Reference in New Issue View Git Blame Copy Permalink