With bounds checking patch for gcc-3.1 problems if using AES

Markus Friedl markus at openbsd.org
Thu Jul 11 01:26:17 EST 2002


On Tue, Jul 09, 2002 at 07:59:48PM +0200, Lutz Jaenicke wrote:
> > The line 105 in file openssl-0.9.6d/crypto/evp/evp_enc.c is (maybe) the
> > problem:
> > 
> >      memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));

...

> ctx->iv and ctx->oiv are members of evp_cipher_ctx_st (aka EVP_CIPHER_CTX),
> located one after the other in memory. Both are of the size EVP_MAX_IV_LENGTH
> which is 8 in 0.9.6x and 16 for 0.9.7 and later. If the length of the IV
> is larger than 8 bytes, an overlapping memory copy may occur:
> ...
> #define RIJNDAEL_BLOCKSIZE 16
> rijndal_cbc.iv_len = RIJNDAEL_BLOCKSIZE;

I think that OpenSSL should not do the copying for the IV,
since OpenSSH's evp rijndael module handles the IV itself
(this is _because_ older OpenSSL libs are limited to 8 byte IVs).

What versions of OpenSSL do support EVP_CIPH_CUSTOM_IV?
Would it be appropriate to use this option?
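
The copy discussed in this thread, modelled as an added example (not code from OpenSSL, OpenSSH or either poster): it shows why a 16-byte IV length against two adjacent 8-byte arrays makes the memcpy ranges overlap and run past the destination, and what a length-checked reset looks like. `struct toy_ctx`, the member order (oiv before iv) and all helper names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_IV_LENGTH 8        /* EVP_MAX_IV_LENGTH in 0.9.6x, per the thread */
#define RIJNDAEL_BLOCKSIZE 16  /* iv_len set for the rijndael cipher, per the thread */

/* Hypothetical stand-in for the two adjacent IV members of EVP_CIPHER_CTX. */
struct toy_ctx {
    unsigned char oiv[MAX_IV_LENGTH];
    unsigned char iv[MAX_IV_LENGTH];
};

/* Nonzero if [a, a+n) and [b, b+n) share a byte; memcpy requires they do not. */
static int ranges_overlap(const void *a, const void *b, size_t n)
{
    uintptr_t x = (uintptr_t)a, y = (uintptr_t)b;
    return n != 0 && x < y + n && y < x + n;
}

/* Bytes an n-byte copy into iv would write past the end of the iv array. */
static size_t bytes_past_iv(size_t n)
{
    return n > MAX_IV_LENGTH ? n - MAX_IV_LENGTH : 0;
}

/* Checked reset of iv from oiv: refuses lengths the arrays cannot hold. */
static int reset_iv_checked(struct toy_ctx *ctx, size_t iv_len)
{
    if (iv_len > sizeof ctx->iv || iv_len > sizeof ctx->oiv)
        return -1;
    memcpy(ctx->iv, ctx->oiv, iv_len);
    return 0;
}

int main(void)
{
    struct toy_ctx ctx;
    memset(&ctx, 0xA5, sizeof ctx);  /* constructed sample contents */
    printf("overlap with len 16: %d\n",
           ranges_overlap(ctx.iv, ctx.oiv, RIJNDAEL_BLOCKSIZE));
    printf("bytes written past iv: %zu\n", bytes_past_iv(RIJNDAEL_BLOCKSIZE));
    printf("checked reset, len 16: %d\n",
           reset_iv_checked(&ctx, RIJNDAEL_BLOCKSIZE));
    printf("checked reset, len 8: %d\n", reset_iv_checked(&ctx, MAX_IV_LENGTH));
    return 0;
}
```

The unchecked copy itself is deliberately not executed, since with a length of 16 it would be undefined behaviour; the helpers only compute what it would touch.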



More information about the openssh-unix-dev mailing list