git.openssl.org Git - openssl.git/commit

author	Rich Salz <rsalz@openssl.org>
	Tue, 21 Feb 2017 18:07:13 +0000 (13:07 -0500)
committer	Rich Salz <rsalz@openssl.org>
	Tue, 21 Feb 2017 18:15:07 +0000 (13:15 -0500)
commit	c6a9f005be1cf8e29a0985643b27b9548bcfdee2
tree	22d8bf5ad07cdd056aaae5774fc7d6bd0b58101a	tree \| snapshot
parent	c62ee12574e661a111238954b07ea1d5f0786bec	commit \| diff

Prevent OOB in SRP base64 code.

Change size comparison from > (GT) to >= (GTE) to ensure an additional
byte of output buffer, to prevent OOB reads/writes later in the function
Reject input strings larger than 2GB
Detect invalid output buffer size and return early

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2672)

(cherry picked from commit ecca16632a73bb80ee27cdec8a97f6def0a4714d)

crypto/srp/srp_vfy.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom