projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5b81448) | patch
Ensure EVP_EncodeUpdate handles an output length that is too long
authorMatt Caswell <matt@openssl.org>
Mon, 25 Apr 2016 08:06:29 +0000 (09:06 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 3 May 2016 10:52:53 +0000 (11:52 +0100)
commit5d20e98465ad2d9af52190d42ca2b9deedcf9e8e
tree514ef772c25f85986c6a50c840a5b7e04819334dtree | snapshot
parent5b814481f3573fa9677f3a31ee51322e2a22ee6acommit | diff
Ensure EVP_EncodeUpdate handles an output length that is too long

With the EVP_EncodeUpdate function it is the caller's responsibility to
determine how big the output buffer should be. The function writes the
amount actually used to |*outl|. However this could go negative with a
sufficiently large value for |inl|. We add a check for this error
condition.

Reviewed-by: Richard Levitte <levitte@openssl.org>
crypto/evp/encode.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.