forked from wolfSSL/wolfssl
Merge pull request #2226 from tmael/defectEVP
Verify input parameters of EVP_CipherFinal
This commit is contained in:
JacobBarthelmeh
GitHub
@ -408,7 +408,9 @@ WOLFSSL_API int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
|
|||||||
unsigned char *out, int *outl)
|
unsigned char *out, int *outl)
|
||||||
{
|
{
|
||||||
int fl;
|
int fl;
|
||||||
if (ctx == NULL || out == NULL) return BAD_FUNC_ARG;
|
if (ctx == NULL || out == NULL || outl == NULL || (*outl < 0))
|
||||||
|
return BAD_FUNC_ARG;
|
||||||
|
|
||||||
WOLFSSL_ENTER("wolfSSL_EVP_CipherFinal");
|
WOLFSSL_ENTER("wolfSSL_EVP_CipherFinal");
|
||||||
if (ctx->flags & WOLFSSL_EVP_CIPH_NO_PADDING) {
|
if (ctx->flags & WOLFSSL_EVP_CIPH_NO_PADDING) {
|
||||||
if (ctx->bufUsed != 0) return WOLFSSL_FAILURE;
|
if (ctx->bufUsed != 0) return WOLFSSL_FAILURE;
|
||||||
@ -446,6 +448,10 @@ WOLFSSL_API int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
|
|||||||
*outl = fl;
|
*outl = fl;
|
||||||
} else return 0;
|
} else return 0;
|
||||||
}
|
}
|
||||||
|
/* return error in cases where the block length is incorrect */
|
||||||
|
if (ctx->lastUsed == 0 && ctx->bufUsed == 0) {
|
||||||
|
return WOLFSSL_FAILURE;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return WOLFSSL_SUCCESS;
|
return WOLFSSL_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user