From 81223902d09da1dc0bad8e82768832df00b12b6c Mon Sep 17 00:00:00 2001
From: clowwindy <clowwindy42@gmail.com>
Date: Fri, 19 Sep 2014 01:07:10 +0800
Subject: [PATCH] fix a potential BOF

---
 shadowsocks/crypto/ctypes_openssl.py | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/shadowsocks/crypto/ctypes_openssl.py b/shadowsocks/crypto/ctypes_openssl.py
index 696952a..de3514c 100644
--- a/shadowsocks/crypto/ctypes_openssl.py
+++ b/shadowsocks/crypto/ctypes_openssl.py
@@ -26,6 +26,8 @@ __all__ = ['ciphers']
 
 loaded = False
 
+buf_size = 2048
+
 
 def load_openssl():
     global loaded, libcrypto, CDLL, c_char_p, c_int, c_long, byref,\
@@ -50,7 +52,7 @@ def load_openssl():
     libcrypto.EVP_CIPHER_CTX_cleanup.argtypes = (c_void_p,)
     libcrypto.EVP_CIPHER_CTX_free.argtypes = (c_void_p,)
 
-    buf = create_string_buffer(65536)
+    buf = create_string_buffer(buf_size)
     loaded = True
 
 
@@ -87,10 +89,14 @@ class CtypesCrypto(object):
             raise Exception('can not initialize cipher context')
 
     def update(self, data):
+        global buf_size, buf
         cipher_out_len = c_long(0)
+        l = len(data)
+        if buf_size < l:
+            buf_size = l * 2
+            buf = create_string_buffer(buf_size)
         libcrypto.EVP_CipherUpdate(self._ctx, byref(buf),
-                                   byref(cipher_out_len), c_char_p(data),
-                                   len(data))
+                                   byref(cipher_out_len), c_char_p(data), l)
         # buf is copied to a str object when we access buf.raw
         return buf.raw[:cipher_out_len.value]