]> git.ipfire.org Git - thirdparty/openssl.git/blobdiff - crypto/rand/drbg_ctr.c
projects / thirdparty / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix a buffer overflow in drbg_ctr_generate
[thirdparty/openssl.git] / crypto / rand / drbg_ctr.c
diff --git a/crypto/rand/drbg_ctr.c b/crypto/rand/drbg_ctr.c
index 050ae496526e8d0b887463a4735479b2f1836835..33e1b324c6a5758ac694dc0d6043e28718bdff71 100644 (file)
--- a/crypto/rand/drbg_ctr.c
+++ b/crypto/rand/drbg_ctr.c
@@ -366,9 +366,11 @@ __owur static int drbg_ctr_generate(RAND_DRBG *drbg,
         ctr32 = GETU32(ctr->V + 12) + blocks;
         if (ctr32 < blocks) {
             /* 32-bit counter overflow into V. */
-            blocks -= ctr32;
-            buflen = blocks * 16;
-            ctr32 = 0;
+            if (ctr32 != 0) {
+                blocks -= ctr32;
+                buflen = blocks * 16;
+                ctr32 = 0;
+            }
             ctr96_inc(ctr->V);
         }
         PUTU32(ctr->V + 12, ctr32);
A mirror of the official openssl repository