speed: Always reset the outlen when calling EVP_PKEY_derive

author Tomas Mraz <tomas@openssl.org>

Mon, 11 Jul 2022 10:49:56 +0000 (12:49 +0200)

committer Hugo Landau <hlandau@openssl.org>

Wed, 13 Jul 2022 06:35:55 +0000 (07:35 +0100)
author Tomas Mraz <tomas@openssl.org>
Mon, 11 Jul 2022 10:49:56 +0000 (12:49 +0200)
committer Hugo Landau <hlandau@openssl.org>
Wed, 13 Jul 2022 06:35:55 +0000 (07:35 +0100)
diff --git a/apps/speed.c b/apps/speed.c

index 65220d31f1a8275b6e5d433f9ae50fe4df5f1ed4..3d9e7479003e0ef2504baaf4eaefd003f004ea71 100644 (file)
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -880,11 +880,14 @@ static int FFDH_derive_key_loop(void *args)
      loopargs_t *tempargs = *(loopargs_t **) args;
      EVP_PKEY_CTX *ffdh_ctx = tempargs->ffdh_ctx[testnum];
      unsigned char *derived_secret = tempargs->secret_ff_a;
-    size_t outlen = MAX_FFDH_SIZE;
      int count;
  
-    for (count = 0; COND(ffdh_c[testnum][0]); count++)
+    for (count = 0; COND(ffdh_c[testnum][0]); count++) {
+        /* outlen can be overwritten with a too small value (no padding used) */
+        size_t outlen = MAX_FFDH_SIZE;
+
          EVP_PKEY_derive(ffdh_ctx, derived_secret, &outlen);
+    }
      return count;
  }
  #endif /* OPENSSL_NO_DH */
author	Tomas Mraz <tomas@openssl.org>
	Mon, 11 Jul 2022 10:49:56 +0000 (12:49 +0200)
committer	Hugo Landau <hlandau@openssl.org>
	Wed, 13 Jul 2022 06:35:55 +0000 (07:35 +0100)