eet: backport r71524.

SVN revision: 71525
author: Cedric BAIL <cedric.bail@free.fr> 2012-05-30 02:24:12 +0000
committer: Cedric BAIL <cedric.bail@free.fr> 2012-05-30 02:24:12 +0000
commit: f025ef3ee4239979be5f8970849d39bf8bd04cd3 (patch)
tree: f9595d2e57c3c4f8322c48935db9f4b8010131d1
parent: 472a96137b90eb1a2ea3b8de1cb144f73e115942 (diff)
download: eet-f025ef3ee4239979be5f8970849d39bf8bd04cd3.tar.gz
2 files changed, 5 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index 30aacd9..598cf45 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -583,3 +583,7 @@
 
 	* Make eet_dictionary thread safe.
 
+2012-05-30  Cedric Bail
+
+	* Check that gnutls and openssl don't return below zero size during decipher.
+
diff --git a/src/lib/eet_cipher.c b/src/lib/eet_cipher.c
index 2425e22..9441d8c 100644
--- a/src/lib/eet_cipher.c
+++ b/src/lib/eet_cipher.c
@@ -1219,7 +1219,7 @@ eet_decipher(const void   *data,
    /* Get the decrypted data size */
    tmp = *ret;
    tmp = ntohl(tmp);
-   if (tmp > tmp_len)
+   if (tmp > tmp_len || tmp <= 0)
      goto on_error;
 
    /* Update the return values */
author	Cedric BAIL <cedric.bail@free.fr>	2012-05-30 02:24:12 +0000
committer	Cedric BAIL <cedric.bail@free.fr>	2012-05-30 02:24:12 +0000
commit	f025ef3ee4239979be5f8970849d39bf8bd04cd3 (patch)
tree	f9595d2e57c3c4f8322c48935db9f4b8010131d1
parent	472a96137b90eb1a2ea3b8de1cb144f73e115942 (diff)
download	eet-f025ef3ee4239979be5f8970849d39bf8bd04cd3.tar.gz