Add appropriate NULL checks in EVP_CIPHER api #22995
The EVP_CIPHER api currently assumes that calls made into several APIs have already initialized the cipher in a given context via a call to EVP_CipherInit[_ex[2]]. If that hasn't been done, instead of an error, the result is typically a SIGSEGV. Correct that by adding missing NULL checks in the appropriate apis prior to using ctx->cipher.
Someone pointed out the getters crashing just recently...
EVP_CIPHER_CTX_get_key_length() has the same issue.
I would expect to see coverage tests..
make sure that we get the expected error codes when we do bad things, rather than a crash
test added, removing hold on tests
doc/man3/EVP_EncryptInit.pod
Outdated
B<EVP_CIPHER_CTX>. It will return zero if the cipher does not use an IV, or -1 | ||
in the event an error occurs (such as the cipher not yet being initalized). |
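Review bot: The -1 error return documented in the first line introduces a negative result alongside the existing "zero if the cipher does not use an IV" case; if this function never returned a negative value before, callers that use the result as a length without checking its sign will misbehave, so consider keeping the error value non-negative or recording the new return value in a history note. Separately, "initalized" in the second line should read "initialized".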
Please no. I'm putting OTC hold on this.
Above issues fixed
OTC: Is it ok to introduce a negative result of a function that could have never returned it before? Concretely we are talking about EVP_CIPHER_get_iv_length() here.
OTC: Because of backwards compatibility reasons we should return 0 in case of error from EVP_CIPHER_get_iv_length(). We should add a history note for EVP_CIPHER_get_iv_length() and EVP_CIPHER_get_block_size() about the error values being now returned.
This pull request is ready to merge
merged.
The EVP_CIPHER api currently assumes that calls made into several APIs have already initialized the cipher in a given context via a call to EVP_CipherInit[_ex[2]]. If that hasn't been done, instead of an error, the result is typically a SIGSEGV. Correct that by adding missing NULL checks in the appropriate apis prior to using ctx->cipher
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from #22995)
make sure that we get the expected error codes when we do bad things, rather than a crash
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from #22995)
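The failure mode and fix discussed in this pull request, modelled as an added example that is not OpenSSL's code and not part of the original thread. `model_ctx`, `model_cipher` and all functions are hypothetical stand-ins, and the legacy caller is an assumed illustration of one hazard of a new negative return value, not a statement of the OTC's reasoning.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins for the library types; not OpenSSL's definitions. */
struct model_cipher { int iv_len; };
struct model_ctx { const struct model_cipher *cipher; /* NULL until init */ };

/* Constructed sample data: a 16-byte-IV cipher, one fresh and one initialized ctx. */
static const struct model_cipher MODEL_AES_LIKE = { 16 };
static const struct model_ctx MODEL_FRESH = { NULL };
static const struct model_ctx MODEL_READY = { &MODEL_AES_LIKE };

/* Hardened getter. The unchecked form is `return ctx->cipher->iv_len;`,
 * which dereferences NULL (typically SIGSEGV) when no cipher was set.
 * err_value models the choice debated in the thread: -1 or 0. */
static int model_get_iv_length(const struct model_ctx *ctx, int err_value)
{
    if (ctx == NULL || ctx->cipher == NULL)
        return err_value;
    return ctx->cipher->iv_len;
}

/* Assumed legacy caller: written when results were always >= 0, it
 * converts the result straight to a size_t copy length. */
static size_t legacy_copy_len(const struct model_ctx *ctx, int err_value)
{
    return (size_t)model_get_iv_length(ctx, err_value);
}

/* Defensive caller: anything <= 0 or larger than the buffer is rejected. */
static int checked_copy_len(const struct model_ctx *ctx, int err_value,
                            size_t cap, size_t *out)
{
    int n = model_get_iv_length(ctx, err_value);
    if (n <= 0 || (size_t)n > cap)
        return 0;
    *out = (size_t)n;
    return 1;
}

int main(void)
{
    size_t n = 0;
    printf("legacy, err=-1: %zu\n", legacy_copy_len(&MODEL_FRESH, -1));
    printf("legacy, err=0:  %zu\n", legacy_copy_len(&MODEL_FRESH, 0));
    printf("checked ok=%d\n", checked_copy_len(&MODEL_READY, -1, 16, &n));
    return 0;
}
```
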