From 56e1d693f0ec5550a8e3dd52d30e57a02f0287af Mon Sep 17 00:00:00 2001 From: Hitendra Prajapati Date: Wed, 19 Oct 2022 11:08:23 +0530 Subject: [PATCH] CVE-2022-3358 Upstream-Status: Backport [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b] CVE : CVE-2022-3358 Signed-off-by: Hitendra Prajapati --- crypto/evp/digest.c | 4 +++- crypto/evp/evp_enc.c | 6 ++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index de9a1dc..e6e03ea 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -225,7 +225,9 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type, || tmpimpl != NULL #endif || (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) != 0 - || type->origin == EVP_ORIG_METH) { + || (type != NULL && type->origin == EVP_ORIG_METH) + || (type == NULL && ctx->digest != NULL + && ctx->digest->origin == EVP_ORIG_METH)) { if (ctx->digest == ctx->fetched_digest) ctx->digest = NULL; EVP_MD_free(ctx->fetched_digest); diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 19a07de..5df08bd 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -131,7 +131,10 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx, #if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE) || tmpimpl != NULL #endif - || impl != NULL) { + || impl != NULL + || (cipher != NULL && cipher->origin == EVP_ORIG_METH) + || (cipher == NULL && ctx->cipher != NULL + && ctx->cipher->origin == EVP_ORIG_METH)) { if (ctx->cipher == ctx->fetched_cipher) ctx->cipher = NULL; EVP_CIPHER_free(ctx->fetched_cipher); @@ -147,7 +150,6 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx, ctx->cipher_data = NULL; } - /* Start of non-legacy code below */ /* Ensure a context left lying around from last time is cleared */ -- 2.25.1