diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2014-07-06 00:32:44 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2014-07-06 00:36:14 +0100 |
| commit | 5c1b373be6c38586effdcbb14f185505c54efb5c (patch) | |
| tree | f57299f0748aae6e5ad1ad544b7a9a190e041a71 /crypto/pem | |
| parent | 648a9f7c2fce2960723cd330fd9565a59ff3927b (diff) | |
Sanity check keylength in PVK files.
PR#2277
(cherry picked from commit 733a6c882e92f8221bd03a51643bb47f5f81bb81)
Diffstat (limited to 'crypto/pem')
| -rw-r--r-- | crypto/pem/pvkfmt.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c index b1bf71a5da..ae89f8281a 100644 --- a/crypto/pem/pvkfmt.c +++ b/crypto/pem/pvkfmt.c @@ -759,6 +759,11 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in, /* Copy BLOBHEADER across, decrypt rest */ memcpy(enctmp, p, 8); p += 8; + if (keylen < 8) + { + PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT); + return NULL; + } inlen = keylen - 8; q = enctmp + 8; if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL)) |