From: Dr. Stephen Henson <steve@openssl.org>
Date: Sat, 5 Jul 2014 23:32:44 +0000 (+0100)
Subject: Sanity check keylength in PVK files.
X-Git-Tag: OpenSSL_1_0_0n~37
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=aeae79951ca63e89b0550ca1c925bce37b81b5b5;p=oweals%2Fopenssl.git

Sanity check keylength in PVK files.

PR#2277
(cherry picked from commit 733a6c882e92f8221bd03a51643bb47f5f81bb81)
---

diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index 5f130c4528..6fa3242f7e 100644
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -755,6 +755,11 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
 		/* Copy BLOBHEADER across, decrypt rest */
 		memcpy(enctmp, p, 8);
 		p += 8;
+		if (keylen < 8)
+			{
+			PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT);
+			return NULL;
+			}
 		inlen = keylen - 8;
 		q = enctmp + 8;
 		EVP_CIPHER_CTX_init(&cctx);