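diff -up openssl-1.0.1e/crypto/evp/encode.c.b64-overflow openssl-1.0.1e/crypto/evp/encode.c
--- openssl-1.0.1e/crypto/evp/encode.c.b64-overflow 2016-04-07 15:45:20.000000000 +0200
+++ openssl-1.0.1e/crypto/evp/encode.c 2016-04-29 12:46:34.232656522 +0200
@@ -132,12 +132,12 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ct
 const unsigned char *in, int inl)
 {
 int i,j;
- unsigned int total=0;
+ size_t total=0;
 
 *outl=0;
 if (inl == 0) return;
 OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data));
- if ((ctx->num+inl) < ctx->length)
+ if (ctx->length - ctx->num > inl)
 {
 memcpy(&(ctx->enc_data[ctx->num]),in,inl);
 ctx->num+=inl;
@@ -156,7 +156,7 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ct
 *out='\0';
 total=j+1;
 }
- while (inl >= ctx->length)
+ while (inl >= ctx->length && total <= INT_MAX)
 {
 j=EVP_EncodeBlock(out,in,ctx->length);
 in+=ctx->length;
@@ -166,6 +166,12 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ct
 *out='\0';
 total+=j+1;
 }
+ if (total > INT_MAX)
+ {
+ /* Too much output data! */
+ *outl = 0;
+ return;
+ }
 if (inl != 0)
 memcpy(&(ctx->enc_data[0]),in,inl);
 ctx->num=inl;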
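Review bot: A negative `inl` still reaches the `memcpy` in the first hunk, because the guard above it is `if (inl == 0) return;` and the rewritten test `ctx->length - ctx->num > inl` holds for every negative value as long as `ctx->num` does not exceed `ctx->length`, so the copy length becomes a very large `size_t`. Tightening the guard to `if (inl <= 0) return;` rejects that input at the same place. In the last hunk the `total > INT_MAX` return sets `*outl = 0` after blocks have already been written to `out` and before `ctx->num=inl` runs, and the function is `void`, so a caller cannot tell it apart from "no output yet"; the comment should record that, e.g. `/* Too much output data! out holds encoded blocks not reported in *outl, and the remaining input is not buffered. */`. `INT_MAX` needs `<limits.h>`, which none of the three hunks adds; presumably it arrives through an existing include, but that is worth confirming. The body of `EVP_EncodeUpdate` starts and ends outside the shown hunks.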