[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Emilia Kasper emilia at openssl.org
Thu Sep 17 19:45:40 UTC 2015 

The branch OpenSSL_1_0_2-stable has been updated
       via  cb71f17dc786c72ec74c0ebb983b3ccfde484271 (commit)
      from  37faf117965de181f4de0b4032eecac2566de5f6 (commit)


- Log -----------------------------------------------------------------
commit cb71f17dc786c72ec74c0ebb983b3ccfde484271
Author: Emilia Kasper <emilia at openssl.org>
Date:   Thu Sep 17 20:08:48 2015 +0200

    base64 decode: check for high bit
    
    Previously, the conversion would silently coerce to ASCII. Now, we error
    out.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (cherry picked from commit b785504a10310cb2872270eb409b70971be5e76e)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/encode.c | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c
index f758a8c..3005560 100644
--- a/crypto/evp/encode.c
+++ b/crypto/evp/encode.c
@@ -60,9 +60,9 @@
 #include "cryptlib.h"
 #include <openssl/evp.h>
 
+static unsigned char conv_ascii2bin(unsigned char a);
 #ifndef CHARSET_EBCDIC
 # define conv_bin2ascii(a)       (data_bin2ascii[(a)&0x3f])
-# define conv_ascii2bin(a)       (data_ascii2bin[(a)&0x7f])
 #else
 /*
  * We assume that PEM encoded files are EBCDIC files (i.e., printable text
@@ -71,7 +71,6 @@
  * as the underlying textstring data_bin2ascii[] is already EBCDIC)
  */
 # define conv_bin2ascii(a)       (data_bin2ascii[(a)&0x3f])
-# define conv_ascii2bin(a)       (data_ascii2bin[os_toascii[a]&0x7f])
 #endif
 
 /*-
@@ -124,6 +123,23 @@ static const unsigned char data_ascii2bin[128] = {
     0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
 };
 
+#ifndef CHARSET_EBCDIC
+static unsigned char conv_ascii2bin(unsigned char a)
+{
+    if (a & 0x80)
+        return B64_ERROR;
+    return data_ascii2bin[a];
+}
+#else
+static unsigned char conv_ascii2bin(unsigned char a)
+{
+    a = os_toascii[a];
+    if (a & 0x80)
+        return B64_ERROR;
+    return data_ascii2bin[a];
+}
+#endif
+
 void EVP_EncodeInit(EVP_ENCODE_CTX *ctx)
 {
     ctx->length = 48;

More information about the openssl-commits mailing list