QuasarApp/openssl
4
0
Fork 0
mirror of https://github.com/QuasarApp/openssl.git synced 2025-05-14 18:39:40 +00:00
Code Issues Projects Releases Wiki Activity

evp/bio_enc.c: perform enc_read operation without using overlapping buffers.

Browse Source 
Reviewed-by: Stephen Henson <steve@openssl.org>
This commit is contained in:
Andy Polyakov 2016-07-25 15:04:33 +02:00
parent 382bb0b294
commit abdb460d8a
1 changed files with 27 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
crypto/evp/bio_enc.c
View File

@ -40,7 +40,7 @@ typedef struct enc_struct {
* buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate can return * buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate can return
* up to a block more data than is presented to it * up to a block more data than is presented to it
*/ */
char buf[ENC_BLOCK_SIZE + BUF_OFFSET + 2]; unsigned char buf[ENC_BLOCK_SIZE + BUF_OFFSET + 2];
} BIO_ENC_CTX; } BIO_ENC_CTX;
static const BIO_METHOD methods_enc = { static const BIO_METHOD methods_enc = {
@ -136,32 +136,50 @@ static int enc_read(BIO *b, char *out, int outl)
*/ */
while (outl > 0) { while (outl > 0) {
int buf_len;
if (ctx->cont <= 0) if (ctx->cont <= 0)
break; break;
buf_len = outl + EVP_MAX_BLOCK_LENGTH - 1;
buf_len -= buf_len % EVP_MAX_BLOCK_LENGTH;
if (buf_len > ENC_BLOCK_SIZE) {
buf_len = ENC_BLOCK_SIZE;
}
/* /*
* read in at IV offset, read the EVP_Cipher documentation about why * read in at IV offset, read the EVP_Cipher documentation about why
*/ */
i = BIO_read(next, &(ctx->buf[BUF_OFFSET]), ENC_BLOCK_SIZE); i = BIO_read(next, &(ctx->buf[BUF_OFFSET]), buf_len);
if (i <= 0) { if (i <= 0) {
/* Should be continue next time we are called? */ /* Should be continue next time we are called? */
if (!BIO_should_retry(next)) { if (!BIO_should_retry(next)) {
ctx->cont = i; ctx->cont = i;
i = EVP_CipherFinal_ex(ctx->cipher, i = EVP_CipherFinal_ex(ctx->cipher,
(unsigned char *)ctx->buf, ctx->buf, &(ctx->buf_len));
&(ctx->buf_len));
ctx->ok = i; ctx->ok = i;
ctx->buf_off = 0; ctx->buf_off = 0;
} else { } else {
ret = (ret == 0) ? i : ret; ret = (ret == 0) ? i : ret;
break; break;
} }
} else if (outl >= EVP_MAX_BLOCK_LENGTH) {
if (!EVP_CipherUpdate(ctx->cipher,
(unsigned char *)out, &buf_len,
&(ctx->buf[BUF_OFFSET]), i)) {
BIO_clear_retry_flags(b);
return 0;
}
ret += buf_len;
outl -= buf_len;
out += buf_len;
continue;
} else { } else {
if (!EVP_CipherUpdate(ctx->cipher, if (!EVP_CipherUpdate(ctx->cipher,
(unsigned char *)ctx->buf, &ctx->buf_len, ctx->buf, &ctx->buf_len,
(unsigned char *)&(ctx->buf[BUF_OFFSET]), &(ctx->buf[BUF_OFFSET]), i)) {
i)) {
BIO_clear_retry_flags(b); BIO_clear_retry_flags(b);
ctx->ok = 0; ctx->ok = 0;
return 0; return 0;
@ -228,8 +246,8 @@ static int enc_write(BIO *b, const char *in, int inl)
while (inl > 0) { while (inl > 0) {
n = (inl > ENC_BLOCK_SIZE) ? ENC_BLOCK_SIZE : inl; n = (inl > ENC_BLOCK_SIZE) ? ENC_BLOCK_SIZE : inl;
if (!EVP_CipherUpdate(ctx->cipher, if (!EVP_CipherUpdate(ctx->cipher,
(unsigned char *)ctx->buf, &ctx->buf_len, ctx->buf, &ctx->buf_len,
(unsigned char *)in, n)) { (const unsigned char *)in, n)) {
BIO_clear_retry_flags(b); BIO_clear_retry_flags(b);
ctx->ok = 0; ctx->ok = 0;
return 0; return 0;