bio_b64.c: prevent base64 filter BIO from decoding out-of-bound data

[openssl.git] / crypto / evp / bio_b64.c

diff --git a/crypto/evp/bio_b64.c b/crypto/evp/bio_b64.c
index cade6f8f95d88ff2e2564d0e8548a77b18fcf003..e70fc322d86ee0b8c28516e8fd50fbf6f8230a6a 100644 (file)
--- a/crypto/evp/bio_b64.c
+++ b/crypto/evp/bio_b64.c
@@ -289,6 +289,14 @@ static int b64_read(BIO *b, char *out, int outl)
                                  (unsigned char *)ctx->tmp, i);
             ctx->tmp_len = 0;
         }
+        /*
+         * If eof or an error was signalled, then the condition
+         * 'ctx->cont <= 0' will prevent b64_read() from reading
+         * more data on subsequent calls. This assignment was
+         * deleted accidentally in commit 5562cfaca4f3.
+         */
+        ctx->cont = i;
+
         ctx->buf_off = 0;
         if (i < 0) {
             ret_code = 0;