Files
wolfssl/wolfcrypt
Tobias Frauenschläger 2943ee6a69 F-6346 - Reject oversized length in EVP_EncodeBlock
wolfSSL_EVP_EncodeBlock rejected negative input lengths but passed any
large positive length straight to Base64_Encode_NoNl, which read that
many bytes from the caller input buffer and ran past its allocation.

Reject input lengths whose base64 output would overflow a positive int,
which also bounds the read against the caller allocation. The encoded
length is the int return value, so the safe maximum input is
(INT_MAX / 4) * 3.
2026-07-02 11:36:01 +02:00
..