File CVE-2021-3711-3-Check-the-plaintext-buffer-is-large-enough-when-decr.patch of Package openssl-1_1.24606

Index: openssl-1.1.1d/crypto/sm2/sm2_crypt.c
===================================================================
--- openssl-1.1.1d.orig/crypto/sm2/sm2_crypt.c
+++ openssl-1.1.1d/crypto/sm2/sm2_crypt.c
@@ -294,6 +294,10 @@ int sm2_decrypt(const EC_KEY *key,
     C2 = sm2_ctext->C2->data;
     C3 = sm2_ctext->C3->data;
     msg_len = sm2_ctext->C2->length;
+    if (*ptext_len < (size_t)msg_len) {
+        SM2err(SM2_F_SM2_DECRYPT, SM2_R_BUFFER_TOO_SMALL);
+        goto done;
+    }
 
     ctx = BN_CTX_new();
     if (ctx == NULL) {