lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-11-29 01:03:57 +03:00
Code Activity

libcrypto: add NULL-check for EVP_CIPHER_CTX_cleanup

Browse Source 
On OpenSSL versions prior to 1.1.0, `EVP_CIPHER_CTX_cleanup` will
dereference its argument regardless of whether it is NULL.  This
is not a problem on OpenSSL at or beyond 1.1.0, where
`EVP_CIPHER_CTX_cleanup` (macro to `EVP_CIPHER_CTX_reset`) returns
early upon NULL input.

Move the call to `EVP_CIPHER_CTX_cleanup` under the existing NULL
check in `evp_cipher_cleanup` to avoid the problem.

Introduced with this build-break fix:
 * e66f370682

Found in manual testing in an environment with an older OpenSSL.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Jon Simons
2017-07-19 17:53:14 -04:00
committed by Andreas Schneider
parent 380390c4b6
commit c317d95911
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/libcrypto.c
View File

@@ -553,8 +553,8 @@ static void evp_cipher_decrypt(struct ssh_cipher_struct *cipher,
} }
static void evp_cipher_cleanup(struct ssh_cipher_struct *cipher) { static void evp_cipher_cleanup(struct ssh_cipher_struct *cipher) {
EVP_CIPHER_CTX_cleanup(cipher->ctx);
if (cipher->ctx != NULL) { if (cipher->ctx != NULL) {
EVP_CIPHER_CTX_cleanup(cipher->ctx);
EVP_CIPHER_CTX_free(cipher->ctx); EVP_CIPHER_CTX_free(cipher->ctx);
} }
} }