File r1961-EncryptTest-Fix-buffer-overflow-in-decrypted-out-buffer-in-TestEncrypt.patch of Package podofo.23798
------------------------------------------------------------------------
r1961 | mabri | 2019-02-03 00:14:11 +0100 (dom 03 de feb de 2019) | 17 líneas
Patch by Francesco Pretto: EncryptTest: Fix buffer overflow in decrypted out buffer in TestEncrypt()
According to OpenSSL 1.1.0 documentation[1], "the decrypted data buffer out passed
to the EVP_DecryptUpdate() should have sufficient room for (inl + cipher_block_size)
bytes". In TestEncrypt(), pDecryptedBuffer has the exactly the size of the known clear
text, which sounds correct but it's currently violating the contract of EVP_DecryptUpdate()
used in PdfEncryptAESBase::BaseDecrypt() and causing a buffer overflow detected by
MSVC when running the the test in a Debug build. Fix TestEncrypt() so the out data buffer
will end up having exactly inl + cipher_block_size bytes.
[1] https://www.openssl.org/docs/man1.1.0/crypto/EVP_DecryptUpdate.html
The foregoing patch description except for the patch attribution is content-wise by the patch author.
Patch-Date: Tue Dec 25 20:59:16 2018 +0100
Post-Archive-Date: 2018-12-25 20:04:26 +0000
Post-Archive-URL: https://sourceforge.net/p/podofo/mailman/message/36501805/
Index: test/unit/EncryptTest.cpp
===================================================================
--- test/unit/EncryptTest.cpp (revisión: 1960)
+++ test/unit/EncryptTest.cpp (revisión: 1961)
@@ -199,7 +199,7 @@
pdf_long nOutputLen = pEncrypt->CalculateStreamLength(m_lLen);
unsigned char *pEncryptedBuffer = new unsigned char[nOutputLen];
- unsigned char *pDecryptedBuffer = new unsigned char[m_lLen];
+ unsigned char *pDecryptedBuffer = new unsigned char[nOutputLen];
// Encrypt buffer
try {
------------------------------------------------------------------------