diff options
author | Klavishnik <evg.shtanov@gmail.com> | 2023-08-09 17:05:03 +0300 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-10-09 12:05:10 +0200 |
commit | 962c7e0cb73fa6d83eee4bc57eb6e10c690509a1 (patch) | |
tree | e3e1a3ed9899f803c4d5227c1ec06f005068ca03 /providers | |
parent | 02ddffc2c9b3a5f27d9d1b393b6c3fa1d97b9eed (diff) |
Avoid divide-by-zero in kmac_prov.c's bytepad()
This would happen if EVP_MD_get_block_size() returned 0
so we return an error instead.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21698)
(cherry picked from commit 91895e39b10033178e662fc7427a09d7562cf8e1)
Diffstat (limited to 'providers')
-rw-r--r-- | providers/implementations/macs/kmac_prov.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/providers/implementations/macs/kmac_prov.c b/providers/implementations/macs/kmac_prov.c index b93975b579..48bdef9ef8 100644 --- a/providers/implementations/macs/kmac_prov.c +++ b/providers/implementations/macs/kmac_prov.c @@ -249,7 +249,7 @@ static int kmac_setkey(struct kmac_data_st *kctx, const unsigned char *key, ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } - if (w < 0) { + if (w <= 0) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_DIGEST_LENGTH); return 0; } @@ -289,7 +289,7 @@ static int kmac_init(void *vmacctx, const unsigned char *key, return 0; t = EVP_MD_get_block_size(ossl_prov_digest_md(&kctx->digest)); - if (t < 0) { + if (t <= 0) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_DIGEST_LENGTH); return 0; } |