From: Richard Levitte <levitte@openssl.org>
Date: Sun, 13 Oct 2019 11:00:46 +0000 (+0200)
Subject: EVP_{CIPHER,MD}_CTX_ctrl(): make extra sure to return 0 or 1
X-Git-Tag: openssl-3.0.0-alpha1~1134
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=6a36f209bcfbc958e30d544c3031ed002dbfe582;hp=f6dead1b72a04b113b4b198ac98a8b9b994ad86f

EVP_{CIPHER,MD}_CTX_ctrl(): make extra sure to return 0 or 1

The previous fix was incomplete.

Fixes #10106

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10163)
---

diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index c2a6e83ad5..e59f082818 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -680,7 +680,7 @@ int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
                                                       p2, p1);
         break;
     default:
-        return EVP_CTRL_RET_UNSUPPORTED;
+        goto conclude;
     }
 
     if (set_params)
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 18adc5b586..3f0e5a7e4a 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -1092,7 +1092,7 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
     case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: /* Used by DASYNC */
     case EVP_CTRL_INIT: /* TODO(3.0) Purely legacy, no provider counterpart */
     default:
-        return EVP_CTRL_RET_UNSUPPORTED;
+        goto end;
     case EVP_CTRL_GET_IV:
         set_params = 0;
         params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV,
@@ -1134,12 +1134,12 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
                                               ptr, sz);
         ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
         if (ret <= 0)
-            return ret;
+            goto end;
         params[0] =
             OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, &sz);
         ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
         if (ret <= 0)
-            return 0;
+            goto end;
         return sz;
 #ifndef OPENSSL_NO_RC2
     case EVP_CTRL_GET_RC2_KEY_BITS:
@@ -1154,7 +1154,7 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
         ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
     else
         ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
-    goto conclude;
+    goto end;
 
 /* TODO(3.0): Remove legacy code below */
 legacy:
@@ -1165,7 +1165,7 @@ legacy:
 
     ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
 
- conclude:
+ end:
     if (ret == EVP_CTRL_RET_UNSUPPORTED) {
         EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL,
                EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);