From: Aki Tuomi
Date: Wed, 4 Jan 2023 09:28:11 +0000 (+0200)
Subject: lib-dcrypt: istream-decrypt - Do not attempt to get digest length after finalizing...
X-Git-Tag: 2.4.0~3243
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=29a8c56bf03f6e37b9ada72a5af320e0b75f96f8;p=thirdparty%2Fdovecot%2Fcore.git
lib-dcrypt: istream-decrypt - Do not attempt to get digest length after finalizing hmac context
This breaks with OpenSSL 3.0 because the internal context is free'd after finalization.
Broken in d352e5545a9422f3b0d74fd40d94c9f9a0770fb7
---
diff --git a/src/lib-dcrypt/istream-decrypt.c b/src/lib-dcrypt/istream-decrypt.c
index 32c7037e1e..b6c90b993f 100644
--- a/src/lib-dcrypt/istream-decrypt.c
+++ b/src/lib-dcrypt/istream-decrypt.c
@@ -941,7 +941,8 @@ i_stream_decrypt_read(struct istream_private *stream)
 if (check_mac) {
 if ((dstream->flags & IO_STREAM_ENC_INTEGRITY_HMAC) ==
 IO_STREAM_ENC_INTEGRITY_HMAC) {
- unsigned char dgst[dcrypt_ctx_hmac_get_digest_length(dstream->ctx_mac)];
+ size_t maclen = dcrypt_ctx_hmac_get_digest_length(dstream->ctx_mac);
+ unsigned char dgst[maclen];
 buffer_t db;
 buffer_create_from_data(&db, dgst, sizeof(dgst));
 if (!dcrypt_ctx_hmac_final(dstream->ctx_mac, &db, &error)) {
@@ -950,8 +951,7 @@ i_stream_decrypt_read(struct istream_private *stream)
 stream->istream.stream_errno = EIO;
 return -1;
 }
- if (memcmp(dgst, data + decrypt_size,
- dcrypt_ctx_hmac_get_digest_length(dstream->ctx_mac)) != 0) {
+ if (memcmp(dgst, data + decrypt_size, maclen) != 0) {
 io_stream_set_error(&stream->iostream,
 "Cannot verify MAC: mismatch");
 stream->istream.stream_errno = EIO;
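Review bot: In the first hunk `maclen` sizes the stack array `dgst[maclen]` with no bound on what `dcrypt_ctx_hmac_get_digest_length()` returned. A zero length is undefined for a variable-length array and would also make the later `memcmp(..., maclen)` compare nothing, while an unexpectedly large value could exhaust the stack. I would add `i_assert(maclen > 0 && maclen <= MAX_DIGEST_LEN);` right after the assignment (`MAX_DIGEST_LEN` is a placeholder for a fixed upper bound), or use a fixed-size buffer instead. Because the fix depends entirely on reading the length before finalization, a comment such as `/* read before dcrypt_ctx_hmac_final(): the HMAC context must not be queried after it is finalized */` would keep the ordering from regressing. The body of i_stream_decrypt_read starts and ends outside the hunk.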
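Review bot: The MAC check in the second hunk still uses `memcmp()`, which returns at the first differing byte, so its run time depends on how many leading bytes of the stored MAC match the computed one. A constant-time comparison is the safer default for tag verification. Dovecot's lib provides `mem_equals_timing_safe()` for this, so the line could read `if (!mem_equals_timing_safe(dgst, data + decrypt_size, maclen)) {`. The hunk also does not show that at least `maclen` bytes are available after `data + decrypt_size`. That is presumably checked earlier in i_stream_decrypt_read, which continues outside the hunk, but it is worth confirming.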