Prevent OOB in SRP base64 code. (1acdbb3e) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit 1acdbb3e authored Feb 21, 2017 by

Rich Salz

Prevent OOB in SRP base64 code.



Change size comparison from > (GT) to >= (GTE) to ensure an additional
byte of output buffer, to prevent OOB reads/writes later in the function
Reject input strings larger than 2GB
Detect invalid output buffer size and return early

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2672)

(cherry picked from commit ecca1663)

parent d0f38a1b

Hide whitespace changes

Inline Side-by-side

Please register or to comment