diff options
author | Cedric BAIL <cedric.bail@free.fr> | 2012-05-30 02:24:12 +0000 |
---|---|---|
committer | Cedric BAIL <cedric.bail@free.fr> | 2012-05-30 02:24:12 +0000 |
commit | f025ef3ee4239979be5f8970849d39bf8bd04cd3 (patch) | |
tree | f9595d2e57c3c4f8322c48935db9f4b8010131d1 | |
parent | 472a96137b90eb1a2ea3b8de1cb144f73e115942 (diff) | |
download | eet-f025ef3ee4239979be5f8970849d39bf8bd04cd3.tar.gz |
eet: backport r71524.
SVN revision: 71525
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | src/lib/eet_cipher.c | 2 |
2 files changed, 5 insertions, 1 deletions
@@ -583,3 +583,7 @@ * Make eet_dictionary thread safe. +2012-05-30 Cedric Bail + + * Check that gnutls and openssl don't return below zero size during decipher. + diff --git a/src/lib/eet_cipher.c b/src/lib/eet_cipher.c index 2425e22..9441d8c 100644 --- a/src/lib/eet_cipher.c +++ b/src/lib/eet_cipher.c @@ -1219,7 +1219,7 @@ eet_decipher(const void *data, /* Get the decrypted data size */ tmp = *ret; tmp = ntohl(tmp); - if (tmp > tmp_len) + if (tmp > tmp_len || tmp <= 0) goto on_error; /* Update the return values */ |