author | Kazuki Yamaguchi <k@rhe.jp> | 2024-02-05 21:54:32 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2024-05-02 16:26:11 +0900 |
commit | eb6f0000a4b752803ff7431d24d1a0a535a4387e (patch) | |
tree | c92acb49ae8718188ba1c2a0f453e0c25ffdab7a /yjit/src/lib.rs | |
parent | d39993a4ce15004d98a450dd71bb804fd0e37182 (diff) |
[ruby/openssl] cipher: fix buffer overflow in Cipher#update

OpenSSL::Cipher#update currently allocates the output buffer with size
(input data length)+(the block size of the cipher). This is insufficient
for the id-aes{128,192,256}-wrap-pad (AES keywrap with padding) ciphers.
They have a block size of 8 bytes, but the output may be up to 15 bytes
larger than the input.

Use (input data length)+EVP_MAX_BLOCK_LENGTH (== 32) as the output
buffer size, instead. OpenSSL doesn't provide a generic way to tell the
maximum required buffer size for ciphers, but this is large enough for
all algorithms implemented in current versions of OpenSSL.

Fixes: https://bugs.ruby-lang.org/issues/20236

https://github.com/ruby/openssl/commit/3035559f54
Diffstat (limited to 'yjit/src/lib.rs')
0 files changed, 0 insertions, 0 deletions
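
The size arithmetic in the commit message can be checked without touching the affected ciphers. The following is an added example, not code from the commit or from ruby/openssl: a pure-Ruby RFC 5649 (AES key wrap with padding) wrap built on AES-ECB, compared against the old and new buffer sizes. The names `aes_block`, `wrap_pad` and `buffer_report`, the key and the inputs are assumptions constructed for illustration.

```ruby
require "openssl"

# Buffer slack before and after the fix, as stated in the commit message.
OLD_SLACK = 8   # block size of the wrap-pad ciphers
NEW_SLACK = 32  # EVP_MAX_BLOCK_LENGTH

# Encrypt one 16-byte block with raw AES-ECB, the primitive the key wrap uses.
def aes_block(key, block)
  c = OpenSSL::Cipher.new("aes-#{key.bytesize * 8}-ecb")
  c.encrypt
  c.key = key
  c.padding = 0
  c.update(block) + c.final
end

# RFC 5649 wrap: zero-pad to a multiple of 8 bytes, then add an 8-byte
# integrity value carrying the original length.
def wrap_pad(key, plaintext)
  len = plaintext.bytesize
  raise ArgumentError, "input must not be empty" if len.zero?
  aiv = ["A65959A6"].pack("H*") + [len].pack("N")
  padded = plaintext.b + "\0".b * (-len % 8)
  # A single padded block is wrapped with one AES encryption.
  return aes_block(key, aiv + padded) if padded.bytesize == 8

  r = padded.unpack("a8" * (padded.bytesize / 8))
  a = aiv
  6.times do |j|
    r.each_index do |i|
      b = aes_block(key, a + r[i])
      a = [b[0, 8].unpack1("Q>") ^ (r.size * j + i + 1)].pack("Q>")
      r[i] = b[8, 8]
    end
  end
  a + r.join
end

# Compare the wrapped length with both buffer sizes for one input length.
def buffer_report(len)
  key = "\x11".b * 16 # constructed sample key
  out = wrap_pad(key, "k" * len).bytesize
  { input: len, output: out, growth: out - len,
    fits_old: out <= len + OLD_SLACK, fits_new: out <= len + NEW_SLACK }
end

[1, 7, 8, 9, 20].each { |n| p buffer_report(n) }
```

Only input lengths that are already a multiple of 8 fit the old allocation; every other length needs more than 8 bytes of slack, up to 15.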