Prevent OOB in SRP base64 code. (ecca1663) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit ecca1663 authored Feb 21, 2017 by

Rich Salz

Prevent OOB in SRP base64 code.



Change size comparison from > (GT) to >= (GTE) to ensure an additional
byte of output buffer, to prevent OOB reads/writes later in the function
Reject input strings larger than 2GB
Detect invalid output buffer size and return early

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2672)

parent 9dd4ac8c

Hide whitespace changes

Inline Side-by-side

Please register or to comment