projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9dd4ac8) | patch
Prevent OOB in SRP base64 code.
authorRich Salz <rsalz@openssl.org>
Tue, 21 Feb 2017 18:07:13 +0000 (13:07 -0500)
committerRich Salz <rsalz@openssl.org>
Tue, 21 Feb 2017 18:07:13 +0000 (13:07 -0500)
commitecca16632a73bb80ee27cdec8a97f6def0a4714d
tree3f53c183fdc8db0eea571813c5e207fdeeb3eecbtree | snapshot
parent9dd4ac8cf17f2afd636e85ae0111d1df4104a475commit | diff
Prevent OOB in SRP base64 code.

Change size comparison from > (GT) to >= (GTE) to ensure an additional
byte of output buffer, to prevent OOB reads/writes later in the function
Reject input strings larger than 2GB
Detect invalid output buffer size and return early

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2672)
crypto/srp/srp_vfy.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.