projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Fix HMAC to pass invalid key len test
[openssl.git]
/
crypto
/
hmac
/
hmac.c
diff --git
a/crypto/hmac/hmac.c
b/crypto/hmac/hmac.c
index f1fdba42d852afa57bc8e853c47a5f35561666ce..8ee5b2ac190be627709410137d07fe81bc828e85 100644
(file)
--- a/
crypto/hmac/hmac.c
+++ b/
crypto/hmac/hmac.c
@@
-93,7
+93,8
@@
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
&ctx->key_length))
goto err;
} else {
- OPENSSL_assert(len >= 0 && len <= (int)sizeof(ctx->key));
+ if(len < 0 || len > (int)sizeof(ctx->key))
+ return 0;
memcpy(ctx->key, key, len);
ctx->key_length = len;
}