62b0a0dea6
Move the call to ct_base64_decode(), which allocates, until after the check for NULL output parameter. Also place a cap on the number of padding characters used to decrement the output length -- any more than two '='s is not permitted in a well-formed base64 text. Prior to this change, ct_base64_decode() would return a length of -1 along with allocated storage for an input of "====". Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3379) |
||
|---|---|---|
| .. | ||
| build.info | ||
| ct_b64.c | ||
| ct_err.c | ||
| ct_locl.h | ||
| ct_log.c | ||
| ct_oct.c | ||
| ct_policy.c | ||
| ct_prn.c | ||
| ct_sct.c | ||
| ct_sct_ctx.c | ||
| ct_vfy.c | ||
| ct_x509v3.c | ||