eet: backport r71524.

SVN revision: 71525
author: Cedric BAIL <cedric.bail@free.fr> 2012-05-30 02:24:12 +0000
committer: Cedric BAIL <cedric.bail@free.fr> 2012-05-30 02:24:12 +0000
commit: 9bc5aad167c92f6f3bec324df87e93d41648befd (patch)
tree: 583de796aee74c10a81a903c4277958cc63d0cd0
parent: 9ab8ccee2d09cc5540da3346294439976c3d17c5 (diff)
download: eet-9bc5aad167c92f6f3bec324df87e93d41648befd.tar.gz
2 files changed, 5 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index 405d123..f2ed3a0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -498,3 +498,7 @@
 2011-07-04  Mike Blumenkrantz
 
         * Fix segmentation faults in several eet_node functions
+
+2012-05-30  Cedric Bail
+
+	* Check that gnutls and openssl don't return below zero size during decipher.
diff --git a/src/lib/eet_cipher.c b/src/lib/eet_cipher.c
index 6eff8de..fca0941 100644
--- a/src/lib/eet_cipher.c
+++ b/src/lib/eet_cipher.c
@@ -1181,7 +1181,7 @@ eet_decipher(const void   *data,
    /* Get the decrypted data size */
    tmp = *ret;
    tmp = ntohl(tmp);
-   if (tmp > tmp_len)
+   if (tmp > tmp_len || tmp <= 0)
       goto on_error;
 
    /* Update the return values */
author	Cedric BAIL <cedric.bail@free.fr>	2012-05-30 02:24:12 +0000
committer	Cedric BAIL <cedric.bail@free.fr>	2012-05-30 02:24:12 +0000
commit	9bc5aad167c92f6f3bec324df87e93d41648befd (patch)
tree	583de796aee74c10a81a903c4277958cc63d0cd0
parent	9ab8ccee2d09cc5540da3346294439976c3d17c5 (diff)
download	eet-9bc5aad167c92f6f3bec324df87e93d41648befd.tar.gz