projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add a comment noting the padding oracle.
[openssl.git] / crypto / evp / evp_enc.c
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index a3d231dd20ecfce8cec927fd9cf9e21be26d3e3e..757c5ae6f652aa592ca5e70a967ff1f5742c5856 100644 (file)
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -549,6 +549,11 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
                        return(0);
                        }
                OPENSSL_assert(b <= sizeof ctx->final);
+
+               /*
+                * The following assumes that the ciphertext has been authenticated.
+                * Otherwise it provides a padding oracle.
+                */
                n=ctx->final[b-1];
                if (n == 0 || n > (int)b)
                        {
Unnamed repository; edit this file 'description' to name the repository.