Mercurial > dovecot > core-2.2

changeset 20503:e9faa5eec013

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
lib-dcrypt: Set stream_errno on istream-decrypt read failures. Fixes assert-crashes that would happen otherwise.
author Timo Sirainen <timo.sirainen@dovecot.fi>
date Wed, 06 Jul 2016 13:11:50 +0300
parents b6ae3fe5def8
children 67459cf9699f
files src/lib-dcrypt/istream-decrypt.c
diffstat 1 files changed, 4 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/src/lib-dcrypt/istream-decrypt.c	Wed Jul 06 13:31:12 2016 +0300
+++ b/src/lib-dcrypt/istream-decrypt.c	Wed Jul 06 13:11:50 2016 +0300
@@ -734,6 +734,7 @@
 				    data, decrypt_size, &error)) {
 					io_stream_set_error(&stream->iostream,
 						"MAC error: %s", error);
+					stream->istream.stream_errno = EINVAL;
 					return -1;
 				}
 			}
@@ -747,10 +748,13 @@
 				if (!dcrypt_ctx_hmac_final(dstream->ctx_mac, &db, &error)) {
 					io_stream_set_error(&stream->iostream,
 						"Cannot verify MAC: %s", error);
+					stream->istream.stream_errno = EINVAL;
+					return -1;
 				}
 				if (memcmp(dgst, data + decrypt_size, dcrypt_ctx_hmac_get_digest_length(dstream->ctx_mac)) != 0) {
 					io_stream_set_error(&stream->iostream,
 						"Cannot verify MAC: mismatch");
+					stream->istream.stream_errno = EINVAL;
 					return -1;
 				}
 			} else if ((dstream->flags & IO_STREAM_ENC_INTEGRITY_AEAD) == IO_STREAM_ENC_INTEGRITY_AEAD) {