Add some sanity checks around usage of t_fromb64()
authorMatt Caswell <matt@openssl.org>
Thu, 8 Sep 2016 13:32:27 +0000 (14:32 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 14 Sep 2016 09:17:46 +0000 (10:17 +0100)
commit68f11e82d9c19e104f34bd5186decc98566738ca
treee6112b4d40a03654c8c17d9fa0065b3bcdb1d49c
parent15d81749322c3498027105f8ee44e8c25479d475
Add some sanity checks around usage of t_fromb64()

The internal SRP function t_fromb64() converts from base64 to binary. It
does not validate that the size of the destination is sufficiently large -
that is up to the callers. In some places there was such a check, but not
in others.

Add an argument to t_fromb64() to provide the size of the destination
buffer and validate that we don't write too much data. Also add some sanity
checks to the callers where appropriate.

With thanks to Shi Lei for reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 73f0df8331910d6726d45ecaab12bd93cc48b4e2)
crypto/srp/srp_vfy.c