]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 46ac83e)
pkcs12: check for zero length digest to avoid division by zero
authorPauli <pauli@openssl.org>
Tue, 17 Aug 2021 03:17:17 +0000 (13:17 +1000)
committerPauli <pauli@openssl.org>
Wed, 18 Aug 2021 06:14:42 +0000 (16:14 +1000)
Fixes #16331

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/16332)

providers/implementations/kdfs/pkcs12kdf.c patch | blob | blame | history

diff --git a/providers/implementations/kdfs/pkcs12kdf.c b/providers/implementations/kdfs/pkcs12kdf.c
index 0ca83dd243244fd109310deb46f7c977ca49fd93..2037b458c8bfb7c02745a09df434d977043ddabd 100644 (file)
--- a/providers/implementations/kdfs/pkcs12kdf.c
+++ b/providers/implementations/kdfs/pkcs12kdf.c
@@ -64,7 +64,7 @@ static int pkcs12kdf_derive(const unsigned char *pass, size_t passlen,
     }
     vi = EVP_MD_get_block_size(md_type);
     ui = EVP_MD_get_size(md_type);
-    if (ui < 0 || vi <= 0) {
+    if (ui <= 0 || vi <= 0) {
         ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_DIGEST_SIZE);
         goto end;
     }
Mirror of https://github.com/openssl/openssl.git