From c0548c94e499f38fd4077f6e9ca3e7e6a9c670b2 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi Date: Sat, 16 Jul 2016 22:56:20 +0900 Subject: cipher: fix handling huge data larger than INT_MAX bytes The function ossl_cipher_update_long() was added to fix this in r48923 (ossl_cipher.c: workaround of OpenSSL API, 2014-12-23), but it didn't work well. [Bug #10633] This can be tested by running: $ fallocate -l 2G data.img $ ruby -ropenssl < UPDATE_LENGTH_LIMIT - if (in_len > UPDATE_LENGTH_LIMIT) { - const int in_part_len = (UPDATE_LENGTH_LIMIT / 2 + 1) & ~1; - do { - if (!EVP_CipherUpdate(ctx, out ? (out + out_len) : 0, - &out_part_len, in, in_part_len)) - return 0; - out_len += out_part_len; - in += in_part_len; - } while ((in_len -= in_part_len) > UPDATE_LENGTH_LIMIT); - } -#endif - if (!EVP_CipherUpdate(ctx, out ? (out + out_len) : 0, - &out_part_len, in, (int)in_len)) - return 0; - if (out_len_ptr) *out_len_ptr = out_len += out_part_len; + + do { + int in_part_len = in_len > limit ? limit : in_len; + + if (!EVP_CipherUpdate(ctx, out ? (out + out_len) : 0, + &out_part_len, in, in_part_len)) + return 0; + + out_len += out_part_len; + in += in_part_len; + } while ((in_len -= limit) > 0); + + if (out_len_ptr) + *out_len_ptr = out_len; + return 1; } -- cgit v1.2.3