From 54a656ef081f72a740c550ebd8099b40b8b5cde0 Mon Sep 17 00:00:00 2001 From: Ben Laurie Date: Wed, 13 Nov 2002 15:43:43 +0000 Subject: Security fixes brought forward from 0.9.7. --- crypto/evp/p5_crpt.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'crypto/evp/p5_crpt.c') diff --git a/crypto/evp/p5_crpt.c b/crypto/evp/p5_crpt.c index 27a8286489..d15b799281 100644 --- a/crypto/evp/p5_crpt.c +++ b/crypto/evp/p5_crpt.c @@ -140,7 +140,9 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, EVP_DigestFinal_ex (&ctx, md_tmp, NULL); } EVP_MD_CTX_cleanup(&ctx); + OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= sizeof md_tmp); memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); + OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16); memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), EVP_CIPHER_iv_length(cipher)); EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de); -- cgit v1.2.3