projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d0f38a1) | patch
Prevent OOB in SRP base64 code.
authorRich Salz <rsalz@openssl.org>
Tue, 21 Feb 2017 18:07:13 +0000 (13:07 -0500)
committerRich Salz <rsalz@openssl.org>
Tue, 21 Feb 2017 18:15:27 +0000 (13:15 -0500)
commit1acdbb3eef4c992c9cebec3cbdf8104761aa7d63
tree8a17dc573e4b7f354ef7580bf24297d9e65a004dtree | snapshot
parentd0f38a1b8dbced5366177d41490c6fabe0014e56commit | diff
Prevent OOB in SRP base64 code.

Change size comparison from > (GT) to >= (GTE) to ensure an additional
byte of output buffer, to prevent OOB reads/writes later in the function
Reject input strings larger than 2GB
Detect invalid output buffer size and return early

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2672)

(cherry picked from commit ecca16632a73bb80ee27cdec8a97f6def0a4714d)
crypto/srp/srp_vfy.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.