mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-09 04:40:52 +02:00
2943ee6a69
wolfSSL_EVP_EncodeBlock rejected negative input lengths but passed any large positive length straight to Base64_Encode_NoNl, which read that many bytes from the caller input buffer and ran past its allocation. Reject input lengths whose base64 output would overflow a positive int, which also bounds the read against the caller allocation. The encoded length is the int return value, so the safe maximum input is (INT_MAX / 4) * 3.