Skip to content

evp: check ivLen in wolfSSL_EVP_CIPHER_CTX_set_iv_length.#9943

Open
philljj wants to merge 1 commit intowolfSSL:masterfrom
philljj:fix_evp_set_iv_length
Open

evp: check ivLen in wolfSSL_EVP_CIPHER_CTX_set_iv_length.#9943
philljj wants to merge 1 commit intowolfSSL:masterfrom
philljj:fix_evp_set_iv_length

Conversation

@philljj
Copy link
Contributor

@philljj philljj commented Mar 10, 2026

Description

Check input ivLen in wolfSSL_EVP_CIPHER_CTX_set_iv_length.

Fixes zd#21326.

@philljj philljj self-assigned this Mar 10, 2026
Copilot AI review requested due to automatic review settings March 10, 2026 20:30
Copilot AI reviewed Mar 10, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds validation for ivLen in wolfSSL_EVP_CIPHER_CTX_set_iv_length to prevent invalid IV size assignments (Fixes zd#21326).

Changes:

  • Return WOLFSSL_FAILURE when ctx is NULL
  • Reject negative ivLen values
  • Reject ivLen values larger than the ctx->iv buffer

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@philljj philljj added the For This Release Release version 5.9.0 label Mar 10, 2026
@philljj
Copy link
Contributor Author

philljj commented Mar 11, 2026
edited
Loading

Retest this please

@philljj philljj assigned wolfSSL-Bot and unassigned philljj Mar 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@wolfSSL-Bot wolfSSL-Bot

Labels

For This Release Release version 5.9.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@philljj @wolfSSL-Bot