Diffstat (limited to 'lib/libcrypto/evp/encode.c')
-rw-r--r-- | lib/libcrypto/evp/encode.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/lib/libcrypto/evp/encode.c b/lib/libcrypto/evp/encode.c
index 9540a849c9f..2268b8d2f27 100644
--- a/lib/libcrypto/evp/encode.c
+++ b/lib/libcrypto/evp/encode.c
@@ -259,6 +259,12 @@ EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
 goto end;
 }
 
+ /* There should not be base64 data after padding. */
+ if (eof && tmp != '=' && tmp != '\r' && tmp != '\n') {
+ rv = -1;
+ goto end;
+ }
+
 /* have we seen a '=' which is 'definitely' the last
 * input line. seof will point to the character that
 * holds it. and eof will hold how many characters to
@@ -269,6 +275,12 @@ EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
 eof++;
 }
 
+ /* There should be no more than two padding markers. */
+ if (eof > 2) {
+ rv = -1;
+ goto end;
+ }
+
 if (v == B64_CR) {
 ln = 0;
 if (exp_nl) |
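Review bot: The post-padding check added in the first hunk depends on `eof`, and if `eof` is a local that starts at zero on every call (its declaration is outside the hunk), base64 data that follows padding delivered in an earlier EVP_DecodeUpdate call would not be rejected here. If so, either keep the padding state in `ctx` or state the limit next to the check, e.g. `/* NOTE: only catches data after padding seen within this update call. */`. The condition also lets through only '=', '\r' and '\n' once padding has been seen, so a space or tab after the padding is rejected; please confirm that is intended and say so in the comment. EVP_DecodeUpdate begins and ends outside this hunk.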
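Review bot: The `eof > 2` test in the second hunk limits how many '=' are accepted but, from the visible lines, not where they sit within a four-character group, so misplaced padding has to be caught by a decode step outside this hunk. I would extend the comment to name that step, for example `/* At most two '='; their position is validated when the block is decoded. */` once that has been confirmed. As a smaller point of style, the test runs for every input character although the only visible change to `eof` is the `eof++` just above, so it would read more directly inside that branch, right after the increment. The loop and the function continue outside the hunk.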