Base64 padding fix.

https://rt.openssl.org/Ticket/Display.html?id=2608

Previously, this input to the base64 code:

================================================================================-

Would cause the output length of EVP_DecodeUpdate to be negative. When
that happened in the base64 BIO, it would crash. In PEM decoding, the
ASN.1 code actually maintains signed lengths and manages to simply error
out!

crypto/base64/base64.c

@@ -250,6 +250,11 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, uint8_t *out, int *out_len,
         seof = n;
       }
       eof++;
+      if (eof > 2) {
+        /* There are, at most, two equals signs at the end of base64 data. */
+        rv = -1;
+        goto end;
+      }
     }
 
     if (v == B64_CR) {