Sanity check keylength in PVK files.

author Dr. Stephen Henson <steve@openssl.org>

Sat, 5 Jul 2014 23:32:44 +0000 (00:32 +0100)

committer Dr. Stephen Henson <steve@openssl.org>

Sat, 5 Jul 2014 23:36:10 +0000 (00:36 +0100)
author Dr. Stephen Henson <steve@openssl.org>
Sat, 5 Jul 2014 23:32:44 +0000 (00:32 +0100)
committer Dr. Stephen Henson <steve@openssl.org>
Sat, 5 Jul 2014 23:36:10 +0000 (00:36 +0100)
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c

index 5f130c45286880ef3c06bf25c70f780b1a839dea..6fa3242f7e1587e9027b709e6a6658a6ee1d2a6a 100644 (file)
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -755,6 +755,11 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
                 /* Copy BLOBHEADER across, decrypt rest */
                 memcpy(enctmp, p, 8);
                 p += 8;
+               if (keylen < 8)
+                       {
+                       PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT);
+                       return NULL;
+                       }
                 inlen = keylen - 8;
                 q = enctmp + 8;
                 EVP_CIPHER_CTX_init(&cctx);
author	Dr. Stephen Henson <steve@openssl.org>
	Sat, 5 Jul 2014 23:32:44 +0000 (00:32 +0100)
committer	Dr. Stephen Henson <steve@openssl.org>
	Sat, 5 Jul 2014 23:36:10 +0000 (00:36 +0100)