Commit b86d7dca authored by Matt Caswell's avatar Matt Caswell
Browse files

Sanity check EVP_EncodeUpdate buffer len 



There was already a sanity check to ensure the passed buffer length is not
zero. Extend this to ensure that it also not negative. Thanks to Kevin
Wojtysiak (Int3 Solutions) and Paramjot Oberoi (Int3 Solutions) for
reporting this issue.

Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
parent c8269881

crypto/evp/encode.c

+1 −1
Original line number Diff line number Diff line
@@ -137,7 +137,7 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, 
    unsigned int total = 0;



    *outl = 0;

    if (inl == 0)

    if (inl <= 0)

        return;

    OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data));

    if ((ctx->num + inl) < ctx->length) {