Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP4:Update
podofo.34527
r1945-Fix-possible-incompatibility-of-PdfAESStr...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File r1945-Fix-possible-incompatibility-of-PdfAESStream-with-OpenSSL-1.1.0g.patch of Package podofo.34527
------------------------------------------------------------------------ r1945 | mc-zyx | 2018-10-27 15:46:04 +0200 (sáb 27 de oct de 2018) | 2 líneas Patch by Francesco Pretto: Fix possible incompatibility of PdfAESStream with OpenSSL 1.1.0g Index: src/base/PdfEncrypt.cpp =================================================================== --- src/base/PdfEncrypt.cpp (revisión: 1944) +++ src/base/PdfEncrypt.cpp (revisión: 1945) @@ -32,6 +32,7 @@ #include <stdlib.h> #include <string.h> #include <sstream> +#include <vector> #ifdef PODOFO_HAVE_OPENSSL // SHA-256 @@ -384,8 +385,8 @@ EVP_CIPHER_CTX* aes = m_aes->getEngine(); int lOutLen = 0, lStepOutLen; int status = 1; + int bufferOffset = 0; if( bFirstRead ) { - bFirstRead = false; if( keyLen == PdfEncrypt::ePdfKeyLength_128/8 ) { status = EVP_DecryptInit_ex( aes, EVP_aes_128_cbc(), NULL, key, pBuffer ); #ifdef PODOFO_HAVE_LIBIDN @@ -397,15 +398,18 @@ } if(status != 1) PODOFO_RAISE_ERROR_INFO( ePdfError_InternalLogic, "Error initializing AES encryption engine" ); - status = EVP_DecryptUpdate( aes, pBuffer, &lOutLen, pBuffer + AES_IV_LENGTH, lLen - AES_IV_LENGTH ); - } else if( !bOnlyFinalLeft ) { + + bufferOffset = AES_IV_LENGTH; + bFirstRead = false; + } + + if( !bOnlyFinalLeft ) { // Quote openssl.org: "the decrypted data buffer out passed to EVP_DecryptUpdate() should have sufficient room // for (inl + cipher_block_size) bytes unless the cipher block size is 1 in which case inl bytes is sufficient." // So we need to create a buffer that is bigger than lLen. - unsigned char* tempBuffer = new unsigned char[lLen + 16]; - status = EVP_DecryptUpdate( aes, tempBuffer, &lOutLen, pBuffer, lLen ); - memcpy( pBuffer, tempBuffer, lOutLen ); - delete[] tempBuffer; + tempBuffer.resize( lLen + 16 ); + status = EVP_DecryptUpdate( aes, &tempBuffer[0], &lOutLen, pBuffer + bufferOffset, lLen - bufferOffset ); + memcpy( pBuffer, &tempBuffer[0], lOutLen ); } if( status != 1 ) PODOFO_RAISE_ERROR_INFO( ePdfError_InternalLogic, "Error AES-decryption data" ); @@ -427,6 +431,7 @@ } private: + std::vector<unsigned char> tempBuffer; unsigned char key[32]; const size_t keyLen; bool bFirstRead; ------------------------------------------------------------------------
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor