Commit 533b178d authored Feb 27, 2017 by Pauli Committed by Rich Salz Feb 28, 2017

Avoid buffer underflow in evp_test.



The second loop in the remove_space function doesn't check for walking
back off of the start of the string while setting white space to 0.

This fix exits this loop once the pointer is before the (updated) beginning
of the string.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2752)

parent fa7e9ed3

test/evp_test.c

+3 −3

Original line number	Diff line number	Diff line
		@@ -23,17 +23,17 @@

		static void remove_space(char **pval)
		{
		unsigned char p = (unsigned char )*pval;
		unsigned char p = (unsigned char )pval, beginning;

		while (isspace(*p))
		p++;

		pval = (char )p;
		pval = (char )(beginning = p);

		p = p + strlen(*pval) - 1;

		/* Remove trailing space */
		while (isspace(*p))
		while (p >= beginning && isspace(*p))
		*p-- = 0;
		}