diff options
author | Neil Horman <nhorman@openssl.org> | 2024-01-01 11:53:50 -0500 |
---|---|---|
committer | Neil Horman <nhorman@openssl.org> | 2024-01-03 10:20:59 -0500 |
commit | 12fe0d59581b1760723531b064ab1b66b9bc50a7 (patch) | |
tree | c847da675775795d425b2ee28b2e3ab4cfa53812 /fuzz/asn1parse.c | |
parent | 8a843dc19b9057464596231f2d855a57e82b20bf (diff) |
validate requested key length in kdf_pbkdf1_do_derive
When using pbkdf1 key deriviation, it is possible to request a key
length larger than the maximum digest size a given digest can produce,
leading to a read of random stack memory.
fix it by returning an error if the requested key size n is larger than
the EVP_MD_size of the digest
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23174)
(cherry picked from commit 8d89050f0f676b429043fd5445e5a570d54ad225)
Diffstat (limited to 'fuzz/asn1parse.c')
0 files changed, 0 insertions, 0 deletions