generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix HMAC to pass invalid key len test

Browse Source 
Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Matt Caswell 2015-02-10 13:15:25 +00:00
parent 4ebc70cc51
commit 42c9c7103c
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/hmac/hmac.c
View File

@ -113,7 +113,8 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
&ctx->key_length)) &ctx->key_length))
goto err; goto err;
} else { } else {
OPENSSL_assert(len >= 0 && len <= (int)sizeof(ctx->key)); if(len < 0 || len > (int)sizeof(ctx->key))
return 0;
memcpy(ctx->key, key, len); memcpy(ctx->key, key, len);
ctx->key_length = len; ctx->key_length = len;
} }