Source release 16.3.0

oemcrypto/test/oec_key_deriver.cpp

@@ -61,6 +61,12 @@ void Encryptor::PadAndEncryptProvisioningMessage(
   EXPECT_EQ(1, GetRandBytes(data->rsa_key_iv, KEY_IV_SIZE));
   ASSERT_EQ(enc_key_.size(), KEY_SIZE);
   *encrypted = *data;
+  if (data->rsa_key_length > sizeof(data->rsa_key)) {
+    // OEMCrypto Fuzzing: fuzzed |rsa_key_length| overflows the allocated
+    // buffer. Skip encryption in that case.
+    return;
+  }
+
   size_t padding = AES_BLOCK_SIZE - (data->rsa_key_length % AES_BLOCK_SIZE);
   memset(data->rsa_key + data->rsa_key_length, static_cast<uint8_t>(padding),
          padding);