Commit 873fb39f authored by Matt Caswell's avatar Matt Caswell
Browse files

Sanity check DES_enc_write buffer length 



Add a sanity check to DES_enc_write to ensure the buffer length provided
is not negative. Thanks to Kevin Wojtysiak (Int3 Solutions) and Paramjot
Oberoi (Int3 Solutions) for reporting this issue.

Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
parent 895cba19

crypto/des/enc_writ.c

+3 −0
Original line number Diff line number Diff line
@@ -96,6 +96,9 @@ int DES_enc_write(int fd, const void *_buf, int len, 
    const unsigned char *cp;

    static int start = 1;



    if (len < 0)

        return -1;



    if (outbuf == NULL) {

        outbuf = OPENSSL_malloc(BSIZE + HDRSIZE);

        if (outbuf == NULL)