[Libreoffice-commits] core.git: oox/source
Caolán McNamara
caolanm at redhat.com
Wed Jan 3 20:32:36 UTC 2018
oox/source/crypto/CryptTools.cxx | 10 ++++++++++
1 file changed, 10 insertions(+)
New commits:
commit e11ff5a47a5e82de797e78e60f88acd9ff446149
Author: Caolán McNamara <caolanm at redhat.com>
Date: Wed Jan 3 20:13:28 2018 +0000
ofz#4929 ensure min input len for openssl ciphers
openssl is not the default backend
Change-Id: Id7bd77c1a12a15c0ebb4e7d758362c7778bfc2fd
Reviewed-on: https://gerrit.libreoffice.org/47349
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
diff --git a/oox/source/crypto/CryptTools.cxx b/oox/source/crypto/CryptTools.cxx
index 6de4363c59f4..e0b39f67cca4 100644
--- a/oox/source/crypto/CryptTools.cxx
+++ b/oox/source/crypto/CryptTools.cxx
@@ -128,10 +128,20 @@ Decrypt::Decrypt(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, Crypto
const EVP_CIPHER* cipher = getCipher(type);
+ const size_t nMinKeySize = EVP_CIPHER_key_length(cipher);
+ if (key.size() < nMinKeySize)
+ key.resize(nMinKeySize, 0);
+
if (iv.empty())
EVP_DecryptInit_ex(&mContext, cipher, nullptr, key.data(), 0);
else
+ {
+ const size_t nMinIVSize = EVP_CIPHER_iv_length(cipher);
+ if (iv.size() < nMinIVSize)
+ iv.resize(nMinIVSize, 0);
+
EVP_DecryptInit_ex(&mContext, cipher, nullptr, key.data(), iv.data());
+ }
EVP_CIPHER_CTX_set_padding(&mContext, 0);
#endif
More information about the Libreoffice-commits
mailing list