From: Geoff Thorpe Date: Sun, 4 May 2014 22:44:14 +0000 (-0400) Subject: evp: prevent underflow in base64 decoding X-Git-Tag: master-post-reformat~831 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=fce3821111e3307a599d2378f2cca2ef2097c6c4;p=oweals%2Fopenssl.git evp: prevent underflow in base64 decoding This patch resolves RT ticket #2608. Thanks to Robert Dugal for originally spotting this, and to David Ramos for noticing that the ball had been dropped. Signed-off-by: Geoff Thorpe --- diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c index e278a1b5d4..a4f7674d9d 100644 --- a/crypto/evp/encode.c +++ b/crypto/evp/encode.c @@ -324,6 +324,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, v=EVP_DecodeBlock(out,d,n); n=0; if (v < 0) { rv=0; goto end; } + if (eof > v) { rv=-1; goto end; } ret+=(v-eof); } else