RT3757: base64 encoding bugs Rewrite EVP_DecodeUpdate. In particular: reject extra trailing padding, and padding in the middle of the content. Don't limit line length. Add tests. Previously, the behaviour was ill-defined, and depended on the position of the padding within the input. In addition, this appears to fix a possible two-byte oob read. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Dr Stephen Henson <steve@openssl.org>

commit: 3cdd1e94b1d71f2ce3002738f9506da91fe2af45 [log] [tgz]
author: Emilia Kasper <emilia@openssl.org> Wed Sep 02 15:31:28 2015 +0200
committer: Emilia Kasper <emilia@openssl.org> Thu Sep 17 19:48:14 2015 +0200
tree: 0fc97f2792ce196b5486448aed1b2642a19bca21
parent: 4bd16463b84efb13ce5fb35add284e284b0fd819 [diff] [blame]
diff --git a/CHANGES b/CHANGES
index a7dab6c..3aa9dc8 100644
--- a/CHANGES
+++ b/CHANGES

@@ -4,6 +4,12 @@
 
  Changes between 1.0.2 and 1.1.0  [xx XXX xxxx]
 
+  *) Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs.
+     This changes the decoding behaviour for some invalid messages,
+     though the change is mostly in the more lenient direction, and
+     legacy behaviour is preserved as much as possible.
+     [Emilia Käsper]
+
   *) New testing framework
      The testing framework has been largely rewritten and is now using
      perl and the perl modules Test::Harness and an extended variant of
commit	3cdd1e94b1d71f2ce3002738f9506da91fe2af45	[log] [tgz]
author	Emilia Kasper <emilia@openssl.org>	Wed Sep 02 15:31:28 2015 +0200
committer	Emilia Kasper <emilia@openssl.org>	Thu Sep 17 19:48:14 2015 +0200
tree	0fc97f2792ce196b5486448aed1b2642a19bca21
parent	4bd16463b84efb13ce5fb35add284e284b0fd819 [diff] [blame]