wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Sanity check DES_enc_write buffer length

Browse source 
Add a sanity check to DES_enc_write to ensure the buffer length provided
is not negative. Thanks to Kevin Wojtysiak (Int3 Solutions) and Paramjot
Oberoi (Int3 Solutions) for reporting this issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 873fb39f20)
This commit is contained in:
Matt Caswell 2015-04-27 11:04:56 +01:00
parent c5f8cd7bc6
commit 4ce06271aa
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
crypto/des/enc_writ.c
View file

@ -96,6 +96,9 @@ int DES_enc_write(int fd, const void *_buf, int len,
const unsigned char *cp;
static int start = 1;
if (len < 0)
return -1;
if (outbuf == NULL) {
outbuf = OPENSSL_malloc(BSIZE + HDRSIZE);
if (outbuf == NULL)