Fix in asn1_get_printable string

Buffer overflow vulnerability in proc.c Possible double memory release on invalid certificates. git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@221 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2025-07-30 16:24:09 +03:00 · 2012-02-10 10:31:02 +00:00
parent 1378f8a78f
commit ffa4da45ee
5 changed files with 29 additions and 17 deletions
--- a/crypto/crypto_misc.c
+++ b/crypto/crypto_misc.c
@ -348,13 +348,15 @@ EXP_FUNC int STDCALL base64_decode(const char *in, int len,

            y = t = 0;
        }
+
+        if (z >= *outlen) /* check that we don't go past the output buffer */
+            goto error;
    }

    if (y != 0)
        goto error;

-    if (outlen)
-        *outlen = z;
+    *outlen = z;
    ret = 0;

 error: