Don't call memcpy if len is zero.

Prevent undefined behavior in CRYPTO_cbc128_encrypt: calling this function with the 'len' parameter being 0 would result in a memcpy where the source and destination parameters are the same, which is undefined behavior. Do same for AES_ige_encrypt. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2671)
author: Rich Salz <rsalz@openssl.org> 2017-02-20 19:17:53 -0500
committer: Rich Salz <rsalz@openssl.org> 2017-02-20 19:17:53 -0500
commit: b1498c98f3fb5b8a340acc9ce20b0fd5346294e5 (patch)
tree: f309540be655ed567f17a6e48aa0e51aee63c79f /crypto/modes/cbc128.c
parent: d913a0557f040e54120d028ced0a29767f7b12bb (diff)
download: openssl-new-b1498c98f3fb5b8a340acc9ce20b0fd5346294e5.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/crypto/modes/cbc128.c b/crypto/modes/cbc128.c
index 4c9bc85eab..4ce5eb2ae3 100644
--- a/crypto/modes/cbc128.c
+++ b/crypto/modes/cbc128.c
@@ -22,6 +22,9 @@ void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
     size_t n;
     const unsigned char *iv = ivec;
 
+    if (len == 0)
+        return;
+
 #if !defined(OPENSSL_SMALL_FOOTPRINT)
     if (STRICT_ALIGNMENT &&
         ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) {
@@ -73,6 +76,9 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
         unsigned char c[16];
     } tmp;
 
+    if (len == 0)
+        return;
+
 #if !defined(OPENSSL_SMALL_FOOTPRINT)
     if (in != out) {
         const unsigned char *iv = ivec;
author	Rich Salz <rsalz@openssl.org>	2017-02-20 19:17:53 -0500
committer	Rich Salz <rsalz@openssl.org>	2017-02-20 19:17:53 -0500
commit	b1498c98f3fb5b8a340acc9ce20b0fd5346294e5 (patch)
tree	f309540be655ed567f17a6e48aa0e51aee63c79f /crypto/modes/cbc128.c
parent	d913a0557f040e54120d028ced0a29767f7b12bb (diff)
download	openssl-new-b1498c98f3fb5b8a340acc9ce20b0fd5346294e5.tar.gz