Sanity check keylength in PVK files.

PR#2277
(cherry picked from commit 733a6c882e92f8221bd03a51643bb47f5f81bb81)
This commit is contained in:
Dr. Stephen Henson 2014-07-06 00:32:44 +01:00
parent cf3792b3e4
commit aeae79951c

View File

@ -755,6 +755,11 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
/* Copy BLOBHEADER across, decrypt rest */
memcpy(enctmp, p, 8);
p += 8;
if (keylen < 8)
{
PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT);
return NULL;
}
inlen = keylen - 8;
q = enctmp + 8;
EVP_CIPHER_CTX_init(&cctx);