Fix to PKCS#12 code to use the cipher block length when allocating a buffer

author Dr. Stephen Henson <steve@openssl.org>

Fri, 30 Jul 1999 10:11:21 +0000 (10:11 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Fri, 30 Jul 1999 10:11:21 +0000 (10:11 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Fri, 30 Jul 1999 10:11:21 +0000 (10:11 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Fri, 30 Jul 1999 10:11:21 +0000 (10:11 +0000)
diff --git a/crypto/pkcs12/p12_decr.c b/crypto/pkcs12/p12_decr.c

index 8f502fae7fe6c1df3435be72bb83e4dde3fec9ba..d3d288e1874ee475d0320475a34bfa7d3f42c49a 100644 (file)
--- a/crypto/pkcs12/p12_decr.c
+++ b/crypto/pkcs12/p12_decr.c
@@ -76,17 +76,18 @@ unsigned char * PKCS12_pbe_crypt (X509_ALGOR *algor, const char *pass,
         int outlen, i;
         EVP_CIPHER_CTX ctx;
  
-       if(!(out = Malloc (inlen + 8))) {
-               PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,ERR_R_MALLOC_FAILURE);
-               return NULL;
-       }
-
         /* Decrypt data */
          if (!EVP_PBE_CipherInit (algor->algorithm, pass, passlen,
                                          algor->parameter, &ctx, en_de)) {
                 PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR);
                 return NULL;
         }
+
+       if(!(out = Malloc (inlen + EVP_CIPHER_CTX_block_size(&ctx)))) {
+               PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,ERR_R_MALLOC_FAILURE);
+               return NULL;
+       }
+
         EVP_CipherUpdate (&ctx, out, &i, in, inlen);
         outlen = i;
         if(!EVP_CipherFinal (&ctx, out + i, &i)) {
author	Dr. Stephen Henson <steve@openssl.org>
	Fri, 30 Jul 1999 10:11:21 +0000 (10:11 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Fri, 30 Jul 1999 10:11:21 +0000 (10:11 +0000)