Blame SOURCES/openssl-1.0.1e-cve-2015-0292.patch

96beb5
diff -up openssl-1.0.1e/crypto/evp/encode.c.b64-underflow openssl-1.0.1e/crypto/evp/encode.c
96beb5
--- openssl-1.0.1e/crypto/evp/encode.c.b64-underflow	2013-02-11 16:26:04.000000000 +0100
96beb5
+++ openssl-1.0.1e/crypto/evp/encode.c	2015-03-18 18:16:26.452331934 +0100
96beb5
@@ -324,6 +324,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx
96beb5
 				v=EVP_DecodeBlock(out,d,n);
96beb5
 				n=0;
96beb5
 				if (v < 0) { rv=0; goto end; }
96beb5
+				if (eof > v) { rv=-1; goto end; }
96beb5
 				ret+=(v-eof);
96beb5
 				}
96beb5
 			else