projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 172c6e1) | patch
Ensure EVP_EncodeUpdate handles an output length that is too long
authorMatt Caswell <matt@openssl.org>
Mon, 25 Apr 2016 08:06:29 +0000 (09:06 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 3 May 2016 10:49:12 +0000 (11:49 +0100)
commit3850c2b9d55fb91ea1d9b8228fd8a761d0ba1780
tree116b127e65038f5a056ee0d3b9551f4c6ad71c86tree | snapshot
parent172c6e1e14defe7d49d62f5fc9ea6a79b225424fcommit | diff
Ensure EVP_EncodeUpdate handles an output length that is too long

With the EVP_EncodeUpdate function it is the caller's responsibility to
determine how big the output buffer should be. The function writes the
amount actually used to |*outl|. However this could go negative with a
sufficiently large value for |inl|. We add a check for this error
condition.

Reviewed-by: Richard Levitte <levitte@openssl.org>
crypto/evp/encode.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.