K S Sreeram wrote:
when block padding is used, byte value 0 can never be the final byte of the padded plain text, the only valid range is [1 .. block_size]. The check for 0 is not performed when detecting malformed padding in EVP_DecryptFinal_ex. I've attached the one-line patch for this.
ok, fixed. Thanks, Nils ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
