The issue was discovered by libFuzzer running on the provider target.
There are currently three distinct reports, all of which are addressed by
the code change here.
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69236#c1
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69243#c1
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69261#c1
The issue was introduced with OpenSSL 3.0.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24753)
(cherry picked from commit
ad33d62396b7e9db04fdf060481ced394d391688)
/* Code below to be removed when legacy support is dropped. */
legacy:
- return ctx->update(ctx, data, count);
+ return ctx->update != NULL ? ctx->update(ctx, data, count) : 0;
}
/* The caller can assume that this removes any secret data from the context */
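Review bot: The new NULL branch on the `legacy:` return reports failure without queuing an error, so a caller that passes a context with no digest set gets 0 and, as far as this hunk shows, an empty error stack. Consider raising an error before returning, e.g. `if (ctx->update == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR); return 0; }`, so the misuse is diagnosable rather than looking like a generic update failure. The enclosing function starts above the hunk, so whether an earlier path already raises an error for this state cannot be confirmed from here.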
}
#endif
+static int test_invalid_ctx_for_digest(void)
+{
+ int ret;
+ EVP_MD_CTX *mdctx;
+
+ mdctx = EVP_MD_CTX_new();
+ if (!TEST_ptr(mdctx))
+ return 0;
+
+ if (!TEST_int_eq(EVP_DigestUpdate(mdctx, "test", sizeof("test") - 1), 0))
+ ret = 0;
+ else
+ ret = 1;
+
+ EVP_MD_CTX_free(mdctx);
+
+ return ret;
+}
+
int setup_tests(void)
{
OPTION_CHOICE o;
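Review bot: `test_invalid_ctx_for_digest` has no comment saying which state it exercises, and the name alone does not tell a later reader that the context is deliberately left without a digest. A header such as `/* EVP_DigestUpdate() on a context that was never initialised with a digest must fail cleanly instead of calling a NULL update pointer (found by fuzzing). */` would keep the regression intent visible when the legacy path is eventually removed. The if/else around `ret` could also collapse to `ret = TEST_int_eq(EVP_DigestUpdate(mdctx, "test", sizeof("test") - 1), 0);`, assuming TEST_int_eq yields 1 on success as its use in the condition suggests.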
ADD_TEST(test_aes_rc4_keylen_change_cve_2023_5363);
#endif
+ ADD_TEST(test_invalid_ctx_for_digest);
+
return 1;
}