Skip to content
Commit 68f11e82 authored by Matt Caswell's avatar Matt Caswell
Browse files

Add some sanity checks around usage of t_fromb64()



The internal SRP function t_fromb64() converts from base64 to binary. It
does not validate that the size of the destination is sufficiently large -
that is up to the callers. In some places there was such a check, but not
in others.

Add an argument to t_fromb64() to provide the size of the destination
buffer and validate that we don't write too much data. Also add some sanity
checks to the callers where appropriate.

With thanks to Shi Lei for reporting this issue.

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
(cherry picked from commit 73f0df83)
parent 15d81749
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment