projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Update hkdf.c to avoid potentially vulnerable code pattern
[openssl.git]
/
providers
/
implementations
/
kdfs
/
hkdf.c
diff --git
a/providers/implementations/kdfs/hkdf.c
b/providers/implementations/kdfs/hkdf.c
index f0b46a1fc50b07cb97937c49d2de8772e7303ef2..7f42f426479f308f3b777021d78e228c6c9d6ce3 100644
(file)
--- a/
providers/implementations/kdfs/hkdf.c
+++ b/
providers/implementations/kdfs/hkdf.c
@@
-531,7
+531,7
@@
static int HKDF_Expand(const EVP_MD *evp_md,
if (!HMAC_Final(hmac, prev, NULL))
goto err;
- copy_len = (d
one_len + dig_len > okm
_len) ?
+ copy_len = (d
ig_len > okm_len - done
_len) ?
okm_len - done_len :
dig_len;