mirror of
https://github.com/QuasarApp/openssl.git
synced 2025-05-17 11:59:42 +00:00
c6a9f005be
Change size comparison from > (GT) to >= (GTE) to ensure an additional byte of output buffer, to prevent OOB reads/writes later in the function Reject input strings larger than 2GB Detect invalid output buffer size and return early Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2672) (cherry picked from commit ecca16632a73bb80ee27cdec8a97f6def0a4714d)