RT3757: base64 encoding bugs
authorEmilia Kasper <emilia@openssl.org>
Wed, 2 Sep 2015 13:31:28 +0000 (15:31 +0200)
committerEmilia Kasper <emilia@openssl.org>
Thu, 17 Sep 2015 18:12:34 +0000 (20:12 +0200)
commit37faf117965de181f4de0b4032eecac2566de5f6
treef728aa67cf53c15bd3cd521d055fd6e7096c1ba3
parent0711826ae946138b94c19aabbcdc2f716cd98684
RT3757: base64 encoding bugs

Rewrite EVP_DecodeUpdate.

In particular: reject extra trailing padding, and padding in the middle
of the content. Don't limit line length. Add tests.

Previously, the behaviour was ill-defined, and depended on the position
of the padding within the input.

In addition, this appears to fix a possible two-byte oob read.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit 3cdd1e94b1d71f2ce3002738f9506da91fe2af45)
CHANGES
crypto/evp/encode.c