Sanity check EVP_EncodeUpdate buffer len

There was already a sanity check to ensure the passed buffer length is not zero. Extend this to ensure that it also not negative. Thanks to Kevin Wojtysiak (Int3 Solutions) and Paramjot Oberoi (Int3 Solutions) for reporting this issue. Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit b86d7dca69f5c80abd60896c8ed3039fc56210cc)
2015-04-27 11:13:56 +01:00 · 2015-04-27 11:13:56 +01:00 · 951ede2a06
commit 951ede2a06
parent 974d4d675c
1 changed files with 1 additions and 1 deletions
--- a/crypto/evp/encode.c
+++ b/crypto/evp/encode.c
@ -137,7 +137,7 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
    unsigned int total = 0;

    *outl = 0;
-    if (inl == 0)
+    if (inl <= 0)
        return;
    OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data));
    if ((ctx->num + inl) < ctx->length) {