projects
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
4ebc70c
)
Fix HMAC to pass invalid key len test
author
Matt Caswell
<matt@openssl.org>
Tue, 10 Feb 2015 13:15:25 +0000
(13:15 +0000)
committer
Matt Caswell
<matt@openssl.org>
Wed, 25 Mar 2015 13:01:04 +0000
(13:01 +0000)
Reviewed-by: Richard Levitte <levitte@openssl.org>
crypto/hmac/hmac.c
patch
|
blob
|
history
diff --git
a/crypto/hmac/hmac.c
b/crypto/hmac/hmac.c
index 6567648acc71966966ed88942639bf1c25a958d9..2daacf6e704fe311ce4687c15396e0131b9663b0 100644
(file)
--- a/
crypto/hmac/hmac.c
+++ b/
crypto/hmac/hmac.c
@@
-113,7
+113,8
@@
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
&ctx->key_length))
goto err;
} else {
- OPENSSL_assert(len >= 0 && len <= (int)sizeof(ctx->key));
+ if(len < 0 || len > (int)sizeof(ctx->key))
+ return 0;
memcpy(ctx->key, key, len);
ctx->key_length = len;
}