diff options
| author | Pauli <paul.dale@oracle.com> | 2017-09-14 10:05:22 +1000 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2017-09-14 10:26:54 +1000 |
| commit | 76b2ae832679d25e6952934481ac38e0e76e2271 (patch) | |
| tree | 31e69e7b87736599252d0a369a7d4185bd1ee693 /crypto | |
| parent | f4eb24839228675386d0cbfd3e5c2291763a0be4 (diff) | |
| download | openssl-76b2ae832679d25e6952934481ac38e0e76e2271.zip openssl-76b2ae832679d25e6952934481ac38e0e76e2271.tar.gz openssl-76b2ae832679d25e6952934481ac38e0e76e2271.tar.bz2 | |
Ensure that the requested memory size cannot exceed the limit imposed by a
size_t variable.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4357)
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/evp/pbe_scrypt.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/crypto/evp/pbe_scrypt.c b/crypto/evp/pbe_scrypt.c index f04f6cd..80a1acd 100644 --- a/crypto/evp/pbe_scrypt.c +++ b/crypto/evp/pbe_scrypt.c @@ -207,6 +207,8 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen, if (maxmem == 0) maxmem = SCRYPT_MAX_MEM; + if (maxmem > SIZE_MAX) + maxmem = SIZE_MAX; if (Blen + Vlen > maxmem) { EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); |