From: Jay Satiro <raysatiro@yahoo.com>
Date: Wed, 25 Mar 2015 06:37:20 +0000 (-0400)
Subject: cyassl: Check for invalid length parameter in Curl_cyassl_random
X-Git-Tag: curl-7_42_0~86
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d29f8b460c9d4b5609c2330d97ecf9ffec210453;p=thirdparty%2Fcurl.git

cyassl: Check for invalid length parameter in Curl_cyassl_random
---

diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c
index 090270a084..72e1792df0 100644
--- a/lib/vtls/cyassl.c
+++ b/lib/vtls/cyassl.c
@@ -640,7 +640,9 @@ int Curl_cyassl_random(struct SessionHandle *data,
   (void)data;
   if(InitRng(&rng))
     return 1;
-  if(RNG_GenerateBlock(&rng, entropy, length))
+  if(length > UINT_MAX)
+    return 1;
+  if(RNG_GenerateBlock(&rng, entropy, (unsigned)length))
     return 1;
   return 0;
 }