With bounds checking patch for gcc-3.1 problems if using AES
Markus Friedl
markus at openbsd.org
Tue Jul 16 18:15:35 EST 2002
On Mon, Jul 15, 2002 at 06:57:08PM +0000, Daniel Schröter wrote:
> rijndal_cbc.cleanup = ssh_rijndael_cleanup;
> rijndal_cbc.do_cipher = ssh_rijndael_cbc;
> #ifndef SSH_OLD_EVP
> rijndal_cbc.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH |
> EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
> #endif
> return (&rijndal_cbc);
> }
thanks, i've added EVP_CIPH_CUSTOM_IV.
the only problem remains is systems with OpenSSL 0.9.5 (SSH_OLD_EVP)
they will probably still copy out of bounds.
More information about the openssh-unix-dev
mailing list