diff options
| author | Geoff Thorpe <geoff@openssl.org> | 2014-05-04 18:44:14 -0400 |
|---|---|---|
| committer | Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de> | 2015-10-22 01:06:05 +0200 |
| commit | 7448dd4ce976a92739463f5b5b1649a4bf8037cc (patch) | |
| tree | b9467bd284e6e94cd18e24c800cae1e1f3b86180 | |
| parent | f9e59981ba64f0264ae52379e35164d48133ddaf (diff) | |
| download | replicant_openssl-7448dd4ce976a92739463f5b5b1649a4bf8037cc.zip replicant_openssl-7448dd4ce976a92739463f5b5b1649a4bf8037cc.tar.gz replicant_openssl-7448dd4ce976a92739463f5b5b1649a4bf8037cc.tar.bz2 | |
evp: prevent underflow in base64 decoding
This patch resolves RT ticket #2608.
Thanks to Robert Dugal for originally spotting this, and to David
Ramos for noticing that the ball had been dropped.
Signed-off-by: Geoff Thorpe <geoff@openssl.org>
| -rw-r--r-- | crypto/evp/encode.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c index 28546a8..4654bdc 100644 --- a/crypto/evp/encode.c +++ b/crypto/evp/encode.c @@ -324,6 +324,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, v=EVP_DecodeBlock(out,d,n); n=0; if (v < 0) { rv=0; goto end; } + if (eof > v) { rv=-1; goto end; } ret+=(v-eof); } else |