Add some sanity checks around usage of t_fromb64()
The internal SRP function t_fromb64() converts from base64 to binary. It does not validate that the size of the destination is sufficiently large - that is up to the callers. In some places there was such a check, but not in others. Add an argument to t_fromb64() to provide the size of the destination buffer and validate that we don't write too much data. Also add some sanity checks to the callers where appropriate. With thanks to Shi Lei for reporting this issue. Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit 73f0df83)
parent
f7358595
Please register or sign in to comment