Fix the overlapping check for fragmented "Update" operations

[openssl.git] / crypto / evp / e_des3.c

diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
index a8429136588a577f9112c74458dfe25a24bab424..da77936c969cbf7b6f751023cc86f8042f803ddc 100644 (file)
--- a/crypto/evp/e_des3.c
+++ b/crypto/evp/e_des3.c
@@ -15,6 +15,7 @@
 # include "internal/evp_int.h"
 # include <openssl/des.h>
 # include <openssl/rand.h>
+# include "evp_locl.h"
 
 typedef struct {
     union {
@@ -392,6 +393,12 @@ static int des_ede3_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
      */
     if (inl >= EVP_MAXCHUNK || inl % 8)
         return -1;
+
+    if (is_partially_overlapping(out, in, inl)) {
+        EVPerr(EVP_F_DES_EDE3_WRAP_CIPHER, EVP_R_PARTIALLY_OVERLAPPING);
+        return 0;
+    }
+
     if (EVP_CIPHER_CTX_encrypting(ctx))
         return des_ede3_wrap(ctx, out, in, inl);
     else