projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 62f29eb)
PR: 2522
authorDr. Stephen Henson <steve@openssl.org>
Mon, 23 May 2011 12:27:43 +0000 (12:27 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Mon, 23 May 2011 12:27:43 +0000 (12:27 +0000)
Submitted by: Henrik Grindal Bakken <henribak@cisco.com>

Don't compare past end of buffer.

fips/rand/fips_drbg_lib.c patch | blob | history

diff --git a/fips/rand/fips_drbg_lib.c b/fips/rand/fips_drbg_lib.c
index 7892a02b60227bc6390d78903232f62f63a4d19c..46f059d05806da31fbc69c2805ac14da100e00c8 100644 (file)
--- a/fips/rand/fips_drbg_lib.c
+++ b/fips/rand/fips_drbg_lib.c
@@ -145,7 +145,7 @@ static size_t fips_get_entropy(DRBG_CTX *dctx, unsigned char **pout,
        if (rv < (min_len + bl) || (rv % bl))
                return 0;
        /* Compare consecutive blocks for continuous PRNG test */
-       for (p = tout; p < tout + rv; p += bl)
+       for (p = tout; p < tout + rv - bl; p += bl)
                {
                if (!memcmp(p, p + bl, bl))
                        {
Unnamed repository; edit this file 'description' to name the repository.