Greetings,

It appears that EVP_DecryptUpdate() incorrectly writes beyond the end of the
output buffer when "ctx->final_used" is set upon invocation.

See code snippet from evp_enc.c:
 1    if(ctx->final_used)
 2        {
 3        memcpy(out,ctx->final,b);
 4        out+=b;
 5        fix_len = 1;
 6        }
 7    else
 8        fix_len = 0;
 9
10
11    if(!EVP_EncryptUpdate(ctx,out,outl,in,inl))
12        return 0;

Let's assume the size of the buffer pointed to by "out" is the same as the
size of the buffer pointed to by "in". Let's further assume that this is the
2nd time that EVP_DecryptUpdate was called for a given "object"... ctx->final
will contain "block_len" data... let's assume that is 16 bytes. ctx->final is
copied at line 3 above to "out", "out" is bumped on line 4, then
EVP_EncryptUpdate() is called on line 11... EVP_EncryptUpdate will "decrypt"
and move input_buffer_length characters from "in" to "out"... which could be
16 bytes too far... a storage overlay has occurred.

-tony
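Added example (not part of the message above, and not OpenSSL code): a small model of EVP_DecryptUpdate's output accounting with padding enabled, showing why a caller's "out" buffer must be sized for inl + block_size rather than inl. The model_ctx struct, model_decrypt_update() and the hold-back rule it applies are assumptions about the buffering described in the message; the sizing rule matches the EVP_DecryptUpdate manual's requirement of room for (inl + cipher_block_size) bytes.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed model of the decrypt-side bookkeeping (assumption, not the
 * real ctx): partial input is carried in buf_len, and when a call ends on
 * a block boundary the last whole block is withheld (final_used) because
 * it may hold padding; it is flushed at the start of the next call. */
typedef struct {
    size_t block;      /* cipher block size b */
    size_t buf_len;    /* partial input block carried to the next call */
    int final_used;    /* a full block is withheld, to be emitted next call */
} model_ctx;

/* Number of bytes one update call writes to "out" for "inl" input bytes. */
size_t model_decrypt_update(model_ctx *c, size_t inl) {
    size_t b = c->block, written = 0;
    if (c->final_used)                 /* lines 3-4 of the snippet: flush */
        written += b;
    size_t total = c->buf_len + inl;   /* carried partial block + new input */
    size_t out_now = (total / b) * b;  /* whole blocks the update emits */
    c->buf_len = total - out_now;
    if (b > 1 && c->buf_len == 0 && out_now > 0) {
        out_now -= b;                  /* withhold the last block */
        c->final_used = 1;
    } else {
        c->final_used = 0;
    }
    return written + out_now;
}

/* Output buffer size a caller must provide for a single update call. */
size_t required_out_size(size_t inl, size_t block) { return inl + block; }

/* Bytes written past an "out" buffer that was sized only to inl. */
size_t overflow_if_sized_to_inl(size_t inl, size_t written) {
    return written > inl ? written - inl : 0;
}

int main(void) {
    model_ctx c = { 16, 0, 0 };
    size_t w1 = model_decrypt_update(&c, 32);  /* aligned: 16 out, 16 withheld */
    size_t w2 = model_decrypt_update(&c, 17);  /* flush 16 + 16 more = 32 out */
    printf("call 2: inl=17 wrote=%zu overflow=%zu need>=%zu\n",
           w2, overflow_if_sized_to_inl(17, w2), required_out_size(17, 16));
    return w1 == 16 && w2 == 32 ? 0 : 1;
}
```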