From: Richard Levitte <levitte@openssl.org>
Date: Thu, 4 Apr 2019 23:22:14 +0000 (+0200)
Subject: EVP_*Update: ensure that input NULL with length 0 isn't passed
X-Git-Tag: openssl-3.0.0-alpha1~2199
X-Git-Url: https://git.openssl.org/?a=commitdiff_plain;h=dcb982d792d6064ed3493e79749208d8c257ff04;hp=dcb982d792d6064ed3493e79749208d8c257ff04;p=openssl.git

EVP_*Update: ensure that input NULL with length 0 isn't passed

Even with custome ciphers, the combination in == NULL && inl == 0
should not be passed down to the backend cipher function.  The reason
is that these are the values passed by EVP_*Final, and some of the
backend cipher functions do check for these to see if a "final" call
is made.

Fixes #8675

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8676)
---