From: Matt Caswell <matt@openssl.org>
Date: Tue, 26 Mar 2019 15:25:15 +0000 (+0000)
Subject: Tolerate 0 byte input length for Update functions
X-Git-Tag: openssl-3.0.0-alpha1~2304
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a8274ea351988aa754cb9983b27d7059613ee11e;p=thirdparty%2Fopenssl.git

Tolerate 0 byte input length for Update functions

We treat that as automatic success. Other EVP_*Update functions already do
this (e.g. EVP_EncryptUpdate, EVP_DecryptUpdate etc). EVP_EncodeUpdate is
a bit of an anomoly. That treats 0 byte input length as an error.

Fixes #8576

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8587)
---

diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index d4b481443c..7b4972553b 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -259,6 +259,9 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
 
 int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
 {
+    if (count == 0)
+        return 1;
+
     if (ctx->digest == NULL || ctx->digest->prov == NULL)
         goto legacy;
 
diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c
index 2f46277bf0..39efff0842 100644
--- a/crypto/evp/mac_lib.c
+++ b/crypto/evp/mac_lib.c
@@ -82,6 +82,8 @@ int EVP_MAC_init(EVP_MAC_CTX *ctx)
 
 int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen)
 {
+    if (datalen == 0)
+        return 1;
     return ctx->meth->update(ctx->data, data, datalen);
 }