generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

PR: 2522

Browse Source 
Submitted by: Henrik Grindal Bakken <henribak@cisco.com>

Don't compare past end of buffer.
This commit is contained in:
Dr. Stephen Henson 2011-05-23 12:27:43 +00:00
parent 62f29eb1cf
commit 73ab341130
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
fips/rand/fips_drbg_lib.c
View File

@ -145,7 +145,7 @@ static size_t fips_get_entropy(DRBG_CTX *dctx, unsigned char **pout,
if (rv < (min_len + bl) || (rv % bl))
return 0;
/* Compare consecutive blocks for continuous PRNG test */
for (p = tout; p < tout + rv; p += bl)
for (p = tout; p < tout + rv - bl; p += bl)
{
if (!memcmp(p, p + bl, bl))
{