git.openssl.org Git - openssl.git/commit

author	Matt Caswell <matt@openssl.org>
	Mon, 25 Apr 2016 08:06:29 +0000 (09:06 +0100)
committer	Matt Caswell <matt@openssl.org>
	Tue, 3 May 2016 10:52:53 +0000 (11:52 +0100)
commit	5d20e98465ad2d9af52190d42ca2b9deedcf9e8e
tree	514ef772c25f85986c6a50c840a5b7e04819334d	tree \| snapshot
parent	5b814481f3573fa9677f3a31ee51322e2a22ee6a	commit \| diff

Ensure EVP_EncodeUpdate handles an output length that is too long

With the EVP_EncodeUpdate function it is the caller's responsibility to
determine how big the output buffer should be. The function writes the
amount actually used to |*outl|. However this could go negative with a
sufficiently large value for |inl|. We add a check for this error
condition.

Reviewed-by: Richard Levitte <levitte@openssl.org>

crypto/evp/encode.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom