From fce3821111e3307a599d2378f2cca2ef2097c6c4 Mon Sep 17 00:00:00 2001 From: Geoff Thorpe Date: Sun, 4 May 2014 18:44:14 -0400 Subject: [PATCH] evp: prevent underflow in base64 decoding This patch resolves RT ticket #2608. Thanks to Robert Dugal for originally spotting this, and to David Ramos for noticing that the ball had been dropped. Signed-off-by: Geoff Thorpe --- crypto/evp/encode.c | 1 + 1 file changed, 1 insertion(+) diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c index e278a1b5d4..a4f7674d9d 100644 --- a/crypto/evp/encode.c +++ b/crypto/evp/encode.c @@ -324,6 +324,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, v=EVP_DecodeBlock(out,d,n); n=0; if (v < 0) { rv=0; goto end; } + if (eof > v) { rv=-1; goto end; } ret+=(v-eof); } else -- GitLab