diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2014-07-06 00:32:44 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2014-07-06 00:36:16 +0100 |
| commit | 5ecf1141a51ef862b498de6fa23244a47b547c47 (patch) | |
| tree | 5ada0f57a639561b8936731421bfabd7797a10ef /crypto/pem | |
| parent | 75b7606881b08a892f487629cc30e63dff1800cb (diff) | |
| download | openssl-5ecf1141a51ef862b498de6fa23244a47b547c47.tar.gz | |
Sanity check keylength in PVK files.
PR#2277
Diffstat (limited to 'crypto/pem')
| -rw-r--r-- | crypto/pem/pvkfmt.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c index b1bf71a5da..ae89f8281a 100644 --- a/crypto/pem/pvkfmt.c +++ b/crypto/pem/pvkfmt.c @@ -759,6 +759,11 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in, /* Copy BLOBHEADER across, decrypt rest */ memcpy(enctmp, p, 8); p += 8; + if (keylen < 8) + { + PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT); + return NULL; + } inlen = keylen - 8; q = enctmp + 8; if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL)) |