#
# This was developed in house and reported to the upstream.
#
--- openssl-1.0.1e/crypto/evp/e_aes.c Tue Jul 2 11:03:12 2013
+++ openssl-1.0.1e/crypto/evp/e_aes.c.new Tue Jul 2 11:04:56 2013
@@ -1016,8 +1016,12 @@
 static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 const unsigned char *in, size_t len)
 {
+ size_t bl = ctx->cipher->block_size;
 EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;

+ if (len < bl)
+ return 1;
+
 if (dat->stream.cbc)
 (*dat->stream.cbc) (in, out, len, &dat->ks, ctx->iv, ctx->encrypt);
 else if (ctx->encrypt)
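Review bot: The added guard `if (len < bl) return 1;` reports success for a short but nonzero input while leaving `out` unwritten, so a caller cannot tell "nothing to do" from "input silently dropped". It also covers only lengths below one block: a `len` that is larger than `bl` but not a multiple of it still reaches the CBC routines below, and how they treat the trailing partial block is not visible in this hunk. If callers are expected to pass whole blocks only, consider separating the two cases, e.g. `if (len == 0) return 1;` followed by `if (len % bl != 0) return 0;`. If returning 1 is deliberate, a comment should say so, for example `/* short input is ignored, not an error */`. The body of aes_cbc_cipher continues past the end of the hunk, so the encrypt/decrypt fallbacks should be checked against the same assumption.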