Fix HMAC to pass invalid key len test

author Matt Caswell <matt@openssl.org>

Tue, 10 Feb 2015 13:15:25 +0000 (13:15 +0000)

committer Matt Caswell <matt@openssl.org>

Wed, 25 Mar 2015 13:01:04 +0000 (13:01 +0000)
author Matt Caswell <matt@openssl.org>
Tue, 10 Feb 2015 13:15:25 +0000 (13:15 +0000)
committer Matt Caswell <matt@openssl.org>
Wed, 25 Mar 2015 13:01:04 +0000 (13:01 +0000)
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c

index 6567648acc71966966ed88942639bf1c25a958d9..2daacf6e704fe311ce4687c15396e0131b9663b0 100644 (file)
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -113,7 +113,8 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
                                      &ctx->key_length))
                  goto err;
          } else {
-            OPENSSL_assert(len >= 0 && len <= (int)sizeof(ctx->key));
+            if(len < 0 || len > (int)sizeof(ctx->key))
+                return 0;
              memcpy(ctx->key, key, len);
              ctx->key_length = len;
          }
author	Matt Caswell <matt@openssl.org>
	Tue, 10 Feb 2015 13:15:25 +0000 (13:15 +0000)
committer	Matt Caswell <matt@openssl.org>
	Wed, 25 Mar 2015 13:01:04 +0000 (13:01 +0000)