From 377c83dc5717ad0ad4c69daa289e37335389cded Mon Sep 17 00:00:00 2001 From: Joel Sing Date: Sat, 10 Sep 2022 17:45:11 +0000 Subject: Increment the input and output position for EVP AES CFB1. The length is decremented, however the input is repeatedly read from and output written to the same position. Correct this by actually incrementing the input and output pointers. Found via OpenSSL 604e591ed7, ok tb@ --- lib/libcrypto/evp/e_aes.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'lib/libcrypto/evp/e_aes.c') diff --git a/lib/libcrypto/evp/e_aes.c b/lib/libcrypto/evp/e_aes.c index e6bba2b952c..3661abcbfe5 100644 --- a/lib/libcrypto/evp/e_aes.c +++ b/lib/libcrypto/evp/e_aes.c @@ -1,4 +1,4 @@ -/* $OpenBSD: e_aes.c,v 1.47 2022/09/06 06:38:26 jsing Exp $ */ +/* $OpenBSD: e_aes.c,v 1.48 2022/09/10 17:45:10 jsing Exp $ */ /* ==================================================================== * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved. * @@ -511,6 +511,8 @@ aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK*8, &dat->ks, ctx->iv, &ctx->num, ctx->encrypt, dat->block); len -= MAXBITCHUNK; + in += MAXBITCHUNK; + out += MAXBITCHUNK; } if (len) CRYPTO_cfb128_1_encrypt(in, out, len*8, &dat->ks, -- cgit v1.2.3