From: Weidong Wang Date: Sat, 21 Mar 2026 15:41:49 +0000 (-0500) Subject: Fix missing EVP_CIPHER_get_iv_length() guard in PKCS5_pbe2_set_scrypt X-Git-Tag: openssl-4.0.0~96 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b3a1adf8dbe3ed6ac2f405960c9ecc755ac6ca36;p=thirdparty%2Fopenssl.git Fix missing EVP_CIPHER_get_iv_length() guard in PKCS5_pbe2_set_scrypt Store the return value of EVP_CIPHER_get_iv_length() in a local variable and guard with (ivlen > 0) before passing to memcpy/RAND_bytes, matching the pattern already used in p5_pbev2.c. Without this, a negative return value (-1) is implicitly converted to SIZE_MAX when cast to size_t, causing a stack buffer overflow on iv[EVP_MAX_IV_LENGTH]. Reviewed-by: Paul Dale Reviewed-by: Eugene Syromiatnikov MergeDate: Fri Mar 27 16:14:09 2026 (Merged from https://github.com/openssl/openssl/pull/30510) (cherry picked from commit 3e903838e341e9fc884c4d87e4a295d4a722414b) --- diff --git a/crypto/asn1/p5_scrypt.c b/crypto/asn1/p5_scrypt.c index e52e124bebd..64980a1a684 100644 --- a/crypto/asn1/p5_scrypt.c +++ b/crypto/asn1/p5_scrypt.c @@ -46,7 +46,7 @@ X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher, uint64_t p) { X509_ALGOR *scheme = NULL, *ret = NULL; - int alg_nid; + int alg_nid, ivlen; size_t keylen = 0; EVP_CIPHER_CTX *ctx = NULL; unsigned char iv[EVP_MAX_IV_LENGTH]; @@ -85,10 +85,11 @@ X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher, } /* Create random IV */ - if (EVP_CIPHER_get_iv_length(cipher)) { + ivlen = EVP_CIPHER_get_iv_length(cipher); + if (ivlen > 0) { if (aiv) - memcpy(iv, aiv, EVP_CIPHER_get_iv_length(cipher)); - else if (RAND_bytes(iv, EVP_CIPHER_get_iv_length(cipher)) <= 0) + memcpy(iv, aiv, ivlen); + else if (RAND_bytes(iv, ivlen) <= 0) goto err; }
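Review bot: in the second hunk (the "Create random IV" block), the `if (ivlen > 0)` guard handles a negative return from EVP_CIPHER_get_iv_length() the same way as a cipher that has no IV: the block is skipped and execution continues with `iv` uninitialised, instead of failing. The commit message names -1 as a possible return value, so an explicit `if (ivlen < 0) goto err;` ahead of the guard would turn that case into a reported error rather than a silent skip. Because `iv` is a fixed `unsigned char iv[EVP_MAX_IV_LENGTH]` on the stack and `aiv` is copied with `memcpy(iv, aiv, ivlen)`, it is also worth rejecting `ivlen > EVP_MAX_IV_LENGTH` at the same point, so that the copy is bounded by the size of the destination and not only by the sign of the length. A short comment that `ivlen` can be negative on error would explain why the value is stored and tested rather than used directly.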