Fix the overlapping check for fragmented "Update" operations

[thirdparty/openssl.git] / crypto / evp / e_aes.c

diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index d3be6a086aaaefe872fd85af9feaaed9dc2f1514..c0b0a1ebafe742e7a83dc45863d8f603fac9da86 100644 (file)
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -17,6 +17,7 @@
 #include "internal/evp_int.h"
 #include "modes_lcl.h"
 #include <openssl/rand.h>
+#include "evp_locl.h"
 
 typedef struct {
     union {
@@ -2233,6 +2234,10 @@ static int aes_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     /* If not padding input must be multiple of 8 */
     if (!pad && inlen & 0x7)
         return -1;
+    if (is_partially_overlapping(out, in, inlen)) {
+        EVPerr(EVP_F_AES_WRAP_CIPHER, EVP_R_PARTIALLY_OVERLAPPING);
+        return 0;
+    }
     if (!out) {
         if (EVP_CIPHER_CTX_encrypting(ctx)) {
             /* If padding round up to multiple of 8 */
@@ -2551,6 +2556,11 @@ static int aes_ocb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         } else {
             buf = octx->data_buf;
             buf_len = &(octx->data_buf_len);
+
+            if (is_partially_overlapping(out + *buf_len, in, len)) {
+                EVPerr(EVP_F_AES_OCB_CIPHER, EVP_R_PARTIALLY_OVERLAPPING);
+                return 0;
+            }
         }
 
         /*