48 lines
1.7 KiB
Diff
48 lines
1.7 KiB
Diff
From a79e09d97435bfdf4fdd439d76d847ba8dcbb445 Mon Sep 17 00:00:00 2001
|
|
From: Ondrej Holy <oholy@redhat.com>
|
|
Date: Tue, 3 Aug 2021 08:39:21 +0200
|
|
Subject: [PATCH] winpr/crypto: Exit cleanly when EVP_EncryptInit_ex fails
|
|
|
|
The `EVP_EncryptInit_ex` function may fail in certain configurations.
|
|
Consequently, FreeRDP segfaults in `EVP_CIPHER_CTX_set_key_length`.
|
|
Let's handle the `EVP_EncryptInit_ex` failures and exit cleanly in
|
|
such case.
|
|
---
|
|
winpr/libwinpr/crypto/cipher.c | 13 +++++++++++--
|
|
1 file changed, 11 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/winpr/libwinpr/crypto/cipher.c b/winpr/libwinpr/crypto/cipher.c
|
|
index c47595b14..bd52cfeed 100644
|
|
--- a/winpr/libwinpr/crypto/cipher.c
|
|
+++ b/winpr/libwinpr/crypto/cipher.c
|
|
@@ -66,7 +66,12 @@ static WINPR_RC4_CTX* winpr_RC4_New_Internal(const BYTE* key, size_t keylen, BOO
|
|
return NULL;
|
|
|
|
EVP_CIPHER_CTX_init((EVP_CIPHER_CTX*)ctx);
|
|
- EVP_EncryptInit_ex((EVP_CIPHER_CTX*)ctx, evp, NULL, NULL, NULL);
|
|
+ if (EVP_EncryptInit_ex((EVP_CIPHER_CTX*)ctx, evp, NULL, NULL, NULL) != 1)
|
|
+ {
|
|
+ EVP_CIPHER_CTX_free ((EVP_CIPHER_CTX*)ctx);
|
|
+ return NULL;
|
|
+ }
|
|
+
|
|
/* EVP_CIPH_FLAG_NON_FIPS_ALLOW does not exist before openssl 1.0.1 */
|
|
#if !(OPENSSL_VERSION_NUMBER < 0x10001000L)
|
|
|
|
@@ -75,7 +80,11 @@ static WINPR_RC4_CTX* winpr_RC4_New_Internal(const BYTE* key, size_t keylen, BOO
|
|
|
|
#endif
|
|
EVP_CIPHER_CTX_set_key_length((EVP_CIPHER_CTX*)ctx, (int)keylen);
|
|
- EVP_EncryptInit_ex((EVP_CIPHER_CTX*)ctx, NULL, NULL, key, NULL);
|
|
+ if (EVP_EncryptInit_ex((EVP_CIPHER_CTX*)ctx, NULL, NULL, key, NULL) != 1)
|
|
+ {
|
|
+ EVP_CIPHER_CTX_free ((EVP_CIPHER_CTX*)ctx);
|
|
+ return NULL;
|
|
+ }
|
|
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_ARC4_C)
|
|
|
|
if (!(ctx = (WINPR_RC4_CTX*)calloc(1, sizeof(mbedtls_arc4_context))))
|
|
--
|
|
2.31.1
|
|
|