case EVP_CIPH_CBC_MODE:
n = EVP_CIPHER_CTX_get_iv_length(ctx);
- if (!ossl_assert(n >= 0 && n <= (int)sizeof(ctx->iv)))
- return 0;
+ if (n < 0 || n > (int)sizeof(ctx->iv)) {
+ ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_IV_LENGTH);
+ return 0;
+ }
if (iv != NULL)
memcpy(ctx->oiv, iv, n);
memcpy(ctx->iv, ctx->oiv, n);
ctx->num = 0;
/* Don't reuse IV for CTR mode */
if (iv != NULL) {
- if ((n = EVP_CIPHER_CTX_get_iv_length(ctx)) <= 0)
+ n = EVP_CIPHER_CTX_get_iv_length(ctx);
+ if (n <= 0 || n > (int)sizeof(ctx->iv)) {
+ ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_IV_LENGTH);
return 0;
+ }
memcpy(ctx->iv, iv, n);
}
break;