projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
DSA: Check for sanity of input parameters
[openssl.git] / crypto / dsa / dsa_gen.c
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index 46f4f01ee0e49123485cb9000d4ef615fcf4e5f9..383d853b6d37307be26a3dd5d15277cff79d0db4 100644 (file)
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -327,6 +327,12 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
     if (mctx == NULL)
         goto err;
 
+    /* make sure L > N, otherwise we'll get trapped in an infinite loop */
+    if (L <= N) {
+        DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_INVALID_PARAMETERS);
+        goto err;
+    }
+
     if (evpmd == NULL) {
         if (N == 160)
             evpmd = EVP_sha1();
Unnamed repository; edit this file 'description' to name the repository.