git.openssl.org Git - openssl.git/commit

author	Matt Caswell <matt@openssl.org>
	Mon, 25 Apr 2016 08:06:29 +0000 (09:06 +0100)
committer	Matt Caswell <matt@openssl.org>
	Tue, 3 May 2016 10:56:23 +0000 (11:56 +0100)
commit	2bd5d70ce5943e0085c1f886ed8ea4c34ca0f133
tree	1cbfa08711f83558bc77057760c1f8bc10288488	tree \| snapshot
parent	ee1e3cac2e83abc77bcc8ff98729ca1e10fcc920	commit \| diff

Ensure EVP_EncodeUpdate handles an output length that is too long

With the EVP_EncodeUpdate function it is the caller's responsibility to
determine how big the output buffer should be. The function writes the
amount actually used to |*outl|. However this could go negative with a
sufficiently large value for |inl|. We add a check for this error
condition.

Reviewed-by: Richard Levitte <levitte@openssl.org>

crypto/evp/encode.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom