Security fixes brought forward from 0.9.7.

author: Ben Laurie <ben@openssl.org> 2002-11-13 15:43:43 +0000
committer: Ben Laurie <ben@openssl.org> 2002-11-13 15:43:43 +0000
commit: 54a656ef081f72a740c550ebd8099b40b8b5cde0 (patch)
tree: 9b3638b56848c7f0648b84cfa7ad056116b37a1b /crypto/evp/p5_crpt.c
parent: 8f797f14b8ff7d3d5cb04443284259a0c94860b3 (diff)
download: openssl-54a656ef081f72a740c550ebd8099b40b8b5cde0.zip
openssl-54a656ef081f72a740c550ebd8099b40b8b5cde0.tar.gz
openssl-54a656ef081f72a740c550ebd8099b40b8b5cde0.tar.bz2
1 files changed, 2 insertions, 0 deletions
diff --git a/crypto/evp/p5_crpt.c b/crypto/evp/p5_crpt.c
index 27a8286..d15b799 100644
--- a/crypto/evp/p5_crpt.c
+++ b/crypto/evp/p5_crpt.c
@@ -140,7 +140,9 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
 		EVP_DigestFinal_ex (&ctx, md_tmp, NULL);
 	}
 	EVP_MD_CTX_cleanup(&ctx);
+	OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= sizeof md_tmp);
 	memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
+	OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
 	memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
 						 EVP_CIPHER_iv_length(cipher));
 	EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de);
author	Ben Laurie <ben@openssl.org>	2002-11-13 15:43:43 +0000
committer	Ben Laurie <ben@openssl.org>	2002-11-13 15:43:43 +0000
commit	54a656ef081f72a740c550ebd8099b40b8b5cde0 (patch)
tree	9b3638b56848c7f0648b84cfa7ad056116b37a1b /crypto/evp/p5_crpt.c
parent	8f797f14b8ff7d3d5cb04443284259a0c94860b3 (diff)
download	openssl-54a656ef081f72a740c550ebd8099b40b8b5cde0.zip openssl-54a656ef081f72a740c550ebd8099b40b8b5cde0.tar.gz openssl-54a656ef081f72a740c550ebd8099b40b8b5cde0.tar.bz2