author Pauli <paul.dale@oracle.com>
Thu, 14 Sep 2017 00:05:22 +0000 (10:05 +1000)
committer Pauli <paul.dale@oracle.com>
Thu, 14 Sep 2017 00:26:54 +0000 (10:26 +1000)

Ensure that the requested memory size cannot exceed the limit imposed by a size_t variable.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4357)

crypto/evp/pbe_scrypt.c

index f04f6cda0a92c8cce6b2aa387f02546a0d62b1a3..80a1acd2ce143200cc676945b571173c75193c13 100644 (file)
@@ -207,6 +207,8 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
 
     if (maxmem == 0)
         maxmem = SCRYPT_MAX_MEM;
 
     if (maxmem == 0)
         maxmem = SCRYPT_MAX_MEM;
+    if (maxmem > SIZE_MAX)
+        maxmem = SIZE_MAX;
 
     if (Blen + Vlen > maxmem) {
         EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
 
     if (Blen + Vlen > maxmem) {
         EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
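
Review bot: The new clamp at `if (maxmem > SIZE_MAX)` bounds only the limit, so the following `if (Blen + Vlen > maxmem)` check is sound only if the sum `Blen + Vlen` cannot itself wrap in whatever type it is computed in, which these lines do not show. Consider writing the comparison so that no addition can overflow, for example `Blen > maxmem || Vlen > maxmem - Blen`, or confirm that both operands are held in a type wide enough for their sum. A one-line comment above the clamp saying that the allocation size ultimately has to fit in a size_t would explain why a caller-supplied limit is silently reduced. On builds where the type of `maxmem` is no wider than size_t the comparison is always false and may draw a compiler warning, so it is worth checking how that case is handled.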