From: Geoff Thorpe <geoff@openssl.org>
Date: Sun, 4 May 2014 22:44:14 +0000 (-0400)
Subject: evp: prevent underflow in base64 decoding
X-Git-Tag: master-post-reformat~831
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=fce3821111e3307a599d2378f2cca2ef2097c6c4;p=oweals%2Fopenssl.git

evp: prevent underflow in base64 decoding

This patch resolves RT ticket #2608.

Thanks to Robert Dugal for originally spotting this, and to David
Ramos for noticing that the ball had been dropped.

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
---

diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c
index e278a1b5d4..a4f7674d9d 100644
--- a/crypto/evp/encode.c
+++ b/crypto/evp/encode.c
@@ -324,6 +324,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
 				v=EVP_DecodeBlock(out,d,n);
 				n=0;
 				if (v < 0) { rv=0; goto end; }
+				if (eof > v) { rv=-1; goto end; }
 				ret+=(v-eof);
 				}
 			else