generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

If we're going to return errors (no matter how stupid), then we should

Browse Source 
test for them!
This commit is contained in:
Ben Laurie
2008-12-29 16:11:58 +00:00
parent 8aa02e97a7
commit 0eab41fb78
28 changed files with 168 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
ssl/s2_lib.c
View File

@@ -455,6 +455,7 @@ int ssl2_generate_key_material(SSL *s)
unsigned char *km;
unsigned char c='0';
const EVP_MD *md5;
int md_size;
md5 = EVP_md5();
@@ -471,10 +472,12 @@ int ssl2_generate_key_material(SSL *s)
SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
return 0;
}
for (i=0; i<s->s2->key_material_length; i += EVP_MD_size(md5))
md_size = EVP_MD_size(md5);
if (md_size < 0)
return 0;
for (i=0; i<s->s2->key_material_length; i += md_size)
{
if (((km - s->s2->key_material) + EVP_MD_size(md5)) >
if (((km - s->s2->key_material) + md_size) >
(int)sizeof(s->s2->key_material))
{
/* EVP_DigestFinal_ex() below would write beyond buffer */
@@ -493,7 +496,7 @@ int ssl2_generate_key_material(SSL *s)
EVP_DigestUpdate(&ctx,s->s2->challenge,s->s2->challenge_length);
EVP_DigestUpdate(&ctx,s->s2->conn_id,s->s2->conn_id_length);
EVP_DigestFinal_ex(&ctx,km,NULL);
km += EVP_MD_size(md5);
km += md_size;
}
EVP_MD_CTX_cleanup(&ctx);