From d5975c8d5a171551dd42ffa18ca12e84f29ad106 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Wed, 4 May 2016 13:13:24 +0100
Subject: reject zero block length in PKCS12 keygen

Reviewed-by: Richard Levitte <levitte@openssl.org>
---
 crypto/pkcs12/p12_key.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'crypto/pkcs12')

diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
index 1a1ea7059c..764f91bab9 100644
--- a/crypto/pkcs12/p12_key.c
+++ b/crypto/pkcs12/p12_key.c
@@ -128,7 +128,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
 #endif
     v = EVP_MD_block_size(md_type);
     u = EVP_MD_size(md_type);
-    if (u < 0)
+    if (u < 0 || v <= 0)
         goto err;
     D = OPENSSL_malloc(v);
     Ai = OPENSSL_malloc(u);
-- 
cgit v1.2.3