buf_inlen = bio_to_mem(&buf_in, keysize * 10, in);
if (buf_inlen < 0) {
BIO_printf(bio_err, "Error reading input Data\n");
- exit(1);
+ goto end;
}
if (rev) {
size_t i;
}
}
+ /* Sanity check the input */
+ if (buf_inlen > EVP_MAX_MD_SIZE
+ && (pkey_op == EVP_PKEY_OP_SIGN
+ || pkey_op == EVP_PKEY_OP_VERIFY
+ || pkey_op == EVP_PKEY_OP_VERIFYRECOVER)) {
+ BIO_printf(bio_err,
+ "Error: The input data looks too long to be a hash\n");
+ goto end;
+ }
+
if (pkey_op == EVP_PKEY_OP_VERIFY) {
rv = EVP_PKEY_verify(ctx, sig, (size_t)siglen,
buf_in, (size_t)buf_inlen);