diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2011-09-12 18:45:05 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2011-09-12 18:45:05 +0000 |
| commit | 361d18a20836b790e6ffebaf8f7223f686811290 (patch) | |
| tree | bc14690912c3c1d0ce7e66b32399894ebe1b4d55 /fips | |
| parent | de2132de937217353d0a4a0aafa087d263a23ba0 (diff) | |
Check length of additional input in DRBG generate function.
Diffstat (limited to 'fips')
| -rw-r--r-- | fips/rand/fips_drbg_lib.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/fips/rand/fips_drbg_lib.c b/fips/rand/fips_drbg_lib.c index 98bd10bce3..015b95a972 100644 --- a/fips/rand/fips_drbg_lib.c +++ b/fips/rand/fips_drbg_lib.c @@ -377,6 +377,12 @@ int FIPS_drbg_generate(DRBG_CTX *dctx, unsigned char *out, size_t outlen, return 0; } + if (adinlen > dctx->max_adin) + { + r = FIPS_R_ADDITIONAL_INPUT_TOO_LONG; + goto end; + } + if (dctx->flags & DRBG_CUSTOM_RESEED) dctx->generate(dctx, NULL, outlen, NULL, 0); else if (dctx->reseed_counter >= dctx->reseed_interval) |