Merge remote-tracking branch 'origin/released'

Conflicts: openssl/Makefile openssl/crypto/opensslconf.h
author: marha <marha@users.sourceforge.net> 2014-09-02 18:48:52 +0200
committer: marha <marha@users.sourceforge.net> 2014-09-02 18:48:52 +0200
commit: dea8f13d8104872dec9243abe06f3d9e4c807ccd (patch)
tree: b01e5b901eaca45f1e3aa2b6fddfd45ca271ee75 /openssl/crypto/pem
parent: 3293021e6f582c7348667e7638941620134525e1 (diff)
parent: 04168ae281bfbd714ddf6b90d98eac892508dde8 (diff)
download: vcxsrv-dea8f13d8104872dec9243abe06f3d9e4c807ccd.tar.gz
vcxsrv-dea8f13d8104872dec9243abe06f3d9e4c807ccd.tar.bz2
vcxsrv-dea8f13d8104872dec9243abe06f3d9e4c807ccd.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/openssl/crypto/pem/pvkfmt.c b/openssl/crypto/pem/pvkfmt.c
index b1bf71a5d..ae89f8281 100644
--- a/openssl/crypto/pem/pvkfmt.c
+++ b/openssl/crypto/pem/pvkfmt.c
@@ -759,6 +759,11 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
 		/* Copy BLOBHEADER across, decrypt rest */
 		memcpy(enctmp, p, 8);
 		p += 8;
+		if (keylen < 8)
+			{
+			PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT);
+			return NULL;
+			}
 		inlen = keylen - 8;
 		q = enctmp + 8;
 		if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
author	marha <marha@users.sourceforge.net>	2014-09-02 18:48:52 +0200
committer	marha <marha@users.sourceforge.net>	2014-09-02 18:48:52 +0200
commit	dea8f13d8104872dec9243abe06f3d9e4c807ccd (patch)
tree	b01e5b901eaca45f1e3aa2b6fddfd45ca271ee75 /openssl/crypto/pem
parent	3293021e6f582c7348667e7638941620134525e1 (diff)
parent	04168ae281bfbd714ddf6b90d98eac892508dde8 (diff)
download	vcxsrv-dea8f13d8104872dec9243abe06f3d9e4c807ccd.tar.gz vcxsrv-dea8f13d8104872dec9243abe06f3d9e4c807ccd.tar.bz2 vcxsrv-dea8f13d8104872dec9243abe06f3d9e4c807ccd.zip