Base64 padding fix. https://rt.openssl.org/Ticket/Display.html?id=2608 Previously, this input to the base64 code: ================================================================================- Would cause the output length of EVP_DecodeUpdate to be negative. When that happened in the base64 BIO, it would crash. In PEM decoding, the ASN.1 code actually maintains signed lengths and manages to simply error out!

commit: 64bda23cad8cb912a55328ee9a298ca4d9795477 [log] [tgz]
author: Adam Langley <agl@chromium.org> Fri Jun 20 12:00:00 2014 -0700
committer: Adam Langley <agl@chromium.org> Fri Jun 20 13:17:36 2014 -0700
tree: 406439eb423a12f59482a5358e2760632571d2aa
parent: c3174b7b2d3b4517b597dc3e0d0db18a718d6ab5 [diff]
diff --git a/crypto/base64/base64.c b/crypto/base64/base64.c
index fb9aa36..94c3055 100644
--- a/crypto/base64/base64.c
+++ b/crypto/base64/base64.c

@@ -250,6 +250,11 @@
         seof = n;
       }
       eof++;
+      if (eof > 2) {
+        /* There are, at most, two equals signs at the end of base64 data. */
+        rv = -1;
+        goto end;
+      }
     }
 
     if (v == B64_CR) {
commit	64bda23cad8cb912a55328ee9a298ca4d9795477	[log] [tgz]
author	Adam Langley <agl@chromium.org>	Fri Jun 20 12:00:00 2014 -0700
committer	Adam Langley <agl@chromium.org>	Fri Jun 20 13:17:36 2014 -0700
tree	406439eb423a12f59482a5358e2760632571d2aa
parent	c3174b7b2d3b4517b597dc3e0d0db18a718d6ab5 [diff]