eet: fix crash when cyphering hyge amount of data.

Patch by Leandro Sansilva. SVN revision: 72906
author: Cedric BAIL <cedric.bail@free.fr> 2012-06-27 00:37:05 +0000
committer: Cedric BAIL <cedric.bail@free.fr> 2012-06-27 00:37:05 +0000
commit: d30954c39dc428840a44cbc27124a9e2e16bcb3a (patch)
tree: 501b21fdde7a4cec2ab0840dc27fccf54315679d
parent: 73a12a1215aae6d6c02e80d86bcc390c500e75e4 (diff)
download: eet-d30954c39dc428840a44cbc27124a9e2e16bcb3a.tar.gz
4 files changed, 12 insertions, 2 deletions
diff --git a/AUTHORS b/AUTHORS
index c0d3edd..868fdea 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -13,3 +13,4 @@ Adam Simpkins <adam@adamsimpkins.net>
 Mike Blumenkrantz <michael.blumenkrantz@gmail.com>
 Lionel Orry <lionel.orry@gmail.com>
 Jérôme Pinot <ngc891@gmail.com>
+Leandro Sansilva
diff --git a/ChangeLog b/ChangeLog
index c862049..aac09e2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -598,3 +598,7 @@
 2012-05-30  Cedric Bail
 
 	* Check that gnutls and openssl don't return below zero size during decipher.
+
+2012-06-27  Leandro Sansilva
+
+	* Fix crash when cyphering huge amount of data.
diff --git a/NEWS b/NEWS
index f7da97e..9506fad 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,7 @@ Fixes:
     * Force destruction of all pending file when shuting down eet.
     * Make eet_dictionary thread safe.
     * Check that gnutls and openssl don't return below zero size during decipher.
+    * Fix crash when cyphering huge amount of data.
 
 Eet 1.6.0
 
diff --git a/src/lib/eet_cipher.c b/src/lib/eet_cipher.c
index 9441d8c..5bd9f25 100644
--- a/src/lib/eet_cipher.c
+++ b/src/lib/eet_cipher.c
@@ -968,7 +968,7 @@ eet_cipher(const void   *data,
 # else /* ifdef HAVE_GNUTLS */
    /* Openssl declarations*/
    EVP_CIPHER_CTX ctx;
-   unsigned int *buffer;
+   unsigned int *buffer = NULL;
    int tmp_len;
 # endif /* ifdef HAVE_GNUTLS */
 
@@ -1043,7 +1043,8 @@ eet_cipher(const void   *data,
    /* Gcrypt close the cipher */
    gcry_cipher_close(cipher);
 # else /* ifdef HAVE_GNUTLS */
-   buffer = alloca(crypted_length);
+   buffer = malloc(crypted_length);
+   if (!buffer) goto on_error;
    *buffer = tmp;
 
    memcpy(buffer + 1, data, size);
@@ -1071,6 +1072,7 @@ eet_cipher(const void   *data,
      goto on_error;
 
    EVP_CIPHER_CTX_cleanup(&ctx);
+   free(buffer);
 # endif /* ifdef HAVE_GNUTLS */
 
    /* Set return values */
@@ -1098,6 +1100,8 @@ on_error:
    if (opened)
      EVP_CIPHER_CTX_cleanup(&ctx);
 
+   free(buffer);
+   
 # endif /* ifdef HAVE_GNUTLS */
    /* General error */
    free(ret);
author	Cedric BAIL <cedric.bail@free.fr>	2012-06-27 00:37:05 +0000
committer	Cedric BAIL <cedric.bail@free.fr>	2012-06-27 00:37:05 +0000
commit	d30954c39dc428840a44cbc27124a9e2e16bcb3a (patch)
tree	501b21fdde7a4cec2ab0840dc27fccf54315679d
parent	73a12a1215aae6d6c02e80d86bcc390c500e75e4 (diff)
download	eet-d30954c39dc428840a44cbc27124a9e2e16bcb3a.tar.gz