Commit 04a81e3c authored by Cedric BAIL's avatar Cedric BAIL

eet: fix crash when cyphering hyge amount of data.

Patch by Leandro Sansilva.


SVN revision: 72906
parent 28d9f92e
......@@ -13,3 +13,4 @@ Adam Simpkins <adam@adamsimpkins.net>
Mike Blumenkrantz <michael.blumenkrantz@gmail.com>
Lionel Orry <lionel.orry@gmail.com>
Jérôme Pinot <ngc891@gmail.com>
Leandro Sansilva
......@@ -598,3 +598,7 @@
2012-05-30 Cedric Bail
* Check that gnutls and openssl don't return below zero size during decipher.
2012-06-27 Leandro Sansilva
* Fix crash when cyphering huge amount of data.
......@@ -7,6 +7,7 @@ Fixes:
* Force destruction of all pending file when shuting down eet.
* Make eet_dictionary thread safe.
* Check that gnutls and openssl don't return below zero size during decipher.
* Fix crash when cyphering huge amount of data.
Eet 1.6.0
......
......@@ -968,7 +968,7 @@ eet_cipher(const void *data,
# else /* ifdef HAVE_GNUTLS */
/* Openssl declarations*/
EVP_CIPHER_CTX ctx;
unsigned int *buffer;
unsigned int *buffer = NULL;
int tmp_len;
# endif /* ifdef HAVE_GNUTLS */
......@@ -1043,7 +1043,8 @@ eet_cipher(const void *data,
/* Gcrypt close the cipher */
gcry_cipher_close(cipher);
# else /* ifdef HAVE_GNUTLS */
buffer = alloca(crypted_length);
buffer = malloc(crypted_length);
if (!buffer) goto on_error;
*buffer = tmp;
memcpy(buffer + 1, data, size);
......@@ -1071,6 +1072,7 @@ eet_cipher(const void *data,
goto on_error;
EVP_CIPHER_CTX_cleanup(&ctx);
free(buffer);
# endif /* ifdef HAVE_GNUTLS */
/* Set return values */
......@@ -1098,6 +1100,8 @@ on_error:
if (opened)
EVP_CIPHER_CTX_cleanup(&ctx);
free(buffer);
# endif /* ifdef HAVE_GNUTLS */
/* General error */
free(ret);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment