Files
wolfssl/wolfcrypt
Tobias Frauenschläger d88ac76fda F-6347 - Reject negative and oversized length in EVP_EncodeUpdate
wolfSSL_EVP_EncodeUpdate did not validate the input length. A large
inl caused the block loop and the residual copy to read far past the
caller's input buffer, and a negative inl was silently treated as
success. Reject negative lengths and lengths whose base64 output would
overflow a positive int before processing any data.
2026-07-02 11:36:01 +02:00
..