]> git.ipfire.org Git - thirdparty/strongswan.git/commitdiff
projects / thirdparty / strongswan.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4da8401)
pkcs5: Fail decryption if data is empty
authorTobias Brunner <tobias@strongswan.org>
Wed, 25 Mar 2026 09:32:36 +0000 (10:32 +0100)
committerTobias Brunner <tobias@strongswan.org>
Tue, 21 Apr 2026 14:48:56 +0000 (16:48 +0200)
This avoids the previous bug early.

src/libstrongswan/crypto/pkcs5.c patch | blob | blame | history

diff --git a/src/libstrongswan/crypto/pkcs5.c b/src/libstrongswan/crypto/pkcs5.c
index 4851d3f969bd6cbad0eac51f61fdd2a18ab1af35..822656f84b221df59797905b830f3cd42e7ccbb8 100644 (file)
--- a/src/libstrongswan/crypto/pkcs5.c
+++ b/src/libstrongswan/crypto/pkcs5.c
@@ -349,7 +349,7 @@ METHOD(pkcs5_t, decrypt, bool,
        chunk_t keymat, key, iv;
        derive_t kdf;
 
-       if (!ensure_crypto_primitives(this, data) || !decrypted)
+       if (!data.len || !ensure_crypto_primitives(this, data) || !decrypted)
        {
                return FALSE;
        }
Unnamed repository; edit this file 'description' to name the repository.