diff options
author | Matt Caswell <matt@openssl.org> | 2015-04-27 11:13:56 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-04-30 23:12:39 +0100 |
commit | b86d7dca69f5c80abd60896c8ed3039fc56210cc (patch) | |
tree | c45dda461606988b1bd9fc150f5635650378009c | |
parent | c8269881093324b881b81472be037055571f73f3 (diff) | |
download | openssl-b86d7dca69f5c80abd60896c8ed3039fc56210cc.zip openssl-b86d7dca69f5c80abd60896c8ed3039fc56210cc.tar.gz openssl-b86d7dca69f5c80abd60896c8ed3039fc56210cc.tar.bz2 |
Sanity check EVP_EncodeUpdate buffer len
There was already a sanity check to ensure the passed buffer length is not
zero. Extend this to ensure that it also not negative. Thanks to Kevin
Wojtysiak (Int3 Solutions) and Paramjot Oberoi (Int3 Solutions) for
reporting this issue.
Reviewed-by: Andy Polyakov <appro@openssl.org>
-rw-r--r-- | crypto/evp/encode.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c index 682a914..053c1d8 100644 --- a/crypto/evp/encode.c +++ b/crypto/evp/encode.c @@ -137,7 +137,7 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, unsigned int total = 0; *outl = 0; - if (inl == 0) + if (inl <= 0) return; OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data)); if ((ctx->num + inl) < ctx->length) { |