diff options
author | Matt Caswell <matt@openssl.org> | 2015-04-27 11:04:56 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-04-30 23:14:55 +0100 |
commit | 4ce06271aac5ebddf02854191611613af5ec83f8 (patch) | |
tree | 8a4c05e0fa99042083d70bd4266200f6c120bfb8 /crypto/des | |
parent | c5f8cd7bc661f90dc012c9d2bae1808a4281985f (diff) |
Sanity check DES_enc_write buffer length
Add a sanity check to DES_enc_write to ensure the buffer length provided
is not negative. Thanks to Kevin Wojtysiak (Int3 Solutions) and Paramjot
Oberoi (Int3 Solutions) for reporting this issue.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 873fb39f20b6763daba226b74e83fb194924c7bf)
Diffstat (limited to 'crypto/des')
-rw-r--r-- | crypto/des/enc_writ.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/crypto/des/enc_writ.c b/crypto/des/enc_writ.c index 25041f2aab..bfaabde516 100644 --- a/crypto/des/enc_writ.c +++ b/crypto/des/enc_writ.c @@ -96,6 +96,9 @@ int DES_enc_write(int fd, const void *_buf, int len, const unsigned char *cp; static int start = 1; + if (len < 0) + return -1; + if (outbuf == NULL) { outbuf = OPENSSL_malloc(BSIZE + HDRSIZE); if (outbuf == NULL) |