eet: properly check buffer size during decipher.
Fix bug #1017. SVN revision: 71524
This commit is contained in:
parent
140e97171b
commit
2c4c47ae0f
|
@ -594,3 +594,7 @@
|
|||
2012-05-15 Cedric Bail
|
||||
|
||||
* Make eet_dictionary thread safe.
|
||||
|
||||
2012-05-30 Cedric Bail
|
||||
|
||||
* Check that gnutls and openssl don't return below zero size during decipher.
|
||||
|
|
|
@ -6,6 +6,7 @@ Changes since Eet 1.6.0:
|
|||
Fixes:
|
||||
* Force destruction of all pending file when shuting down eet.
|
||||
* Make eet_dictionary thread safe.
|
||||
* Check that gnutls and openssl don't return below zero size during decipher.
|
||||
|
||||
Eet 1.6.0
|
||||
|
||||
|
|
|
@ -1219,7 +1219,7 @@ eet_decipher(const void *data,
|
|||
/* Get the decrypted data size */
|
||||
tmp = *ret;
|
||||
tmp = ntohl(tmp);
|
||||
if (tmp > tmp_len)
|
||||
if (tmp > tmp_len || tmp <= 0)
|
||||
goto on_error;
|
||||
|
||||
/* Update the return values */
|
||||
|
|
Loading…
Reference in New Issue