Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Initialize outl in evp_enc.c to 0, protect against NULL #13268

Closed
wants to merge 1 commit into from
Closed

Initialize outl in evp_enc.c to 0, protect against NULL #13268

wants to merge 1 commit into from

Conversation

jwalch
Copy link
Contributor

@jwalch jwalch commented Oct 29, 2020

Fixes #12734

mattcaswell
mattcaswell reviewed Oct 29, 2020
View reviewed changes
crypto/evp/evp_enc.c Outdated Show resolved Hide resolved
@jwalch jwalch closed this Oct 29, 2020
@jwalch jwalch reopened this Oct 29, 2020
mattcaswell
mattcaswell requested changes Oct 29, 2020
View reviewed changes
crypto/evp/evp_enc.c Outdated
if (outl != NULL) {
*outl = 0;
} else {
EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_INVALID_NULL_OUTL);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The existing ERR_R_PASSED_NULL_PARAMETER is probably better

@mattcaswell mattcaswell added the approval: review pending This pull request needs review by a committer label Oct 30, 2020
@t8m t8m added approval: done This pull request has the required number of approvals branch: master Merge to master branch and removed approval: review pending This pull request needs review by a committer labels Oct 30, 2020
@openssl-machine openssl-machine added approval: ready to merge The 24 hour grace period has passed, ready to merge and removed approval: done This pull request has the required number of approvals labels Oct 31, 2020
@openssl-machine
Copy link
Collaborator

This pull request is ready to merge

openssl-machine pushed a commit that referenced this pull request Nov 2, 2020
@jwalch @t8m
Initialize outl in evp_enc.c to 0, protect against NULL
3d4c81b 
Fixes #12734

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from #13268)
@t8m
Copy link
Member

t8m commented Nov 2, 2020

Merged, thank you for the contribution.

@t8m t8m closed this Nov 2, 2020
@jwalch jwalch deleted the init-outl branch November 2, 2020 18:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@t8m t8m t8m approved these changes

@mattcaswell mattcaswell mattcaswell approved these changes

Assignees
No one assigned
Labels
approval: ready to merge The 24 hour grace period has passed, ready to merge branch: master Merge to master branch
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

EVP_DecryptFinal_ex() no longer explicitly sets outl to 0 in some failure paths.
4 participants
@jwalch @openssl-machine @t8m @mattcaswell