Add a comment noting the padding oracle.
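--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -549,6 +549,11 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 return(0);
 }
 OPENSSL_assert(b <= sizeof ctx->final);
+
+ /*
+ * The following assumes that the ciphertext has been authenticated.
+ * Otherwise it provides a padding oracle.
+ */
 n=ctx->final[b-1];
 if (n == 0 || n > (int)b)
 {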
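Review bot: The new comment above `n=ctx->final[b-1];` names the risk but does not tell a caller what to do about it, and it sits in the implementation, where users of the API are unlikely to read it. I would extend it with the requirement itself, e.g. `* Callers must verify a MAC over the ciphertext (or use an AEAD mode) before decrypting.`, and repeat the caveat in the public documentation for EVP_DecryptFinal_ex if it is not already there. The padding check that follows branches on the decrypted byte, so a caller that has not authenticated the ciphertext would expose a distinguishable padding failure. The rest of that check and the body of EVP_DecryptFinal_ex lie outside this hunk.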