Add a custom copy handler for AES key wrap - wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

diff options

author	tb <tb@openbsd.org>	2020-06-05 18:44:42 +0000
committer	tb <tb@openbsd.org>	2020-06-05 18:44:42 +0000
commit	f72711c6fb8692f12b01b3a3b7f54687729f6f9b (patch)
tree	ddf1d46c6b69cc56df29a18cb80494652a3c23ac /sys
parent	Use IANA allocated GOST ClientCertificateTypes. (diff)
download	wireguard-openbsd-f72711c6fb8692f12b01b3a3b7f54687729f6f9b.tar.xz wireguard-openbsd-f72711c6fb8692f12b01b3a3b7f54687729f6f9b.zip

Add a custom copy handler for AES key wrap

This is necessary because ctx->cipher_data is an EVP_AES_WRAP_CTX containing a pointer to ctx->iv. EVP_CIPHER_CTX_copy() uses memcpy to copy cipher_data to the target struct. The result is that the copy contains a pointer to the wrong struct, which then leads to a use-after-free. The custom copy handler fixes things up to avoid that. Issue reported by Guido Vranken ok beck inoguchi jsing

Diffstat (limited to 'sys')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: