git.openssl.org Git - openssl.git/commit

author	Matt Caswell <matt@openssl.org>
	Mon, 25 Apr 2016 08:06:29 +0000 (09:06 +0100)
committer	Matt Caswell <matt@openssl.org>
	Tue, 3 May 2016 10:49:12 +0000 (11:49 +0100)
commit	3850c2b9d55fb91ea1d9b8228fd8a761d0ba1780
tree	116b127e65038f5a056ee0d3b9551f4c6ad71c86	tree \| snapshot
parent	172c6e1e14defe7d49d62f5fc9ea6a79b225424f	commit \| diff

Ensure EVP_EncodeUpdate handles an output length that is too long

With the EVP_EncodeUpdate function it is the caller's responsibility to
determine how big the output buffer should be. The function writes the
amount actually used to |*outl|. However this could go negative with a
sufficiently large value for |inl|. We add a check for this error
condition.

Reviewed-by: Richard Levitte <levitte@openssl.org>

crypto/evp/encode.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom