From f13663bcc1a0d7b86a29e52e0a0d5bd746bc4d21 Mon Sep 17 00:00:00 2001
From: Mike DePaulo <mikedep333@gmail.com>
Date: Mon, 1 Sep 2014 17:44:28 -0400
Subject: Update OpenSSL from 1.0.1h to 1.0.1i

---
 openssl/crypto/pem/pvkfmt.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'openssl/crypto/pem')

diff --git a/openssl/crypto/pem/pvkfmt.c b/openssl/crypto/pem/pvkfmt.c
index b1bf71a5d..ae89f8281 100644
--- a/openssl/crypto/pem/pvkfmt.c
+++ b/openssl/crypto/pem/pvkfmt.c
@@ -759,6 +759,11 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
 		/* Copy BLOBHEADER across, decrypt rest */
 		memcpy(enctmp, p, 8);
 		p += 8;
+		if (keylen < 8)
+			{
+			PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT);
+			return NULL;
+			}
 		inlen = keylen - 8;
 		q = enctmp + 8;
 		if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
-- 
cgit v1.2.3