From: Dr. Stephen Henson <steve@openssl.org>
Date: Mon, 12 Sep 2011 18:45:05 +0000 (+0000)
Subject: Check length of additional input in DRBG generate function.
X-Git-Tag: OpenSSL-fips-2_0-rc1~150
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=361d18a20836b790e6ffebaf8f7223f686811290;p=thirdparty%2Fopenssl.git

Check length of additional input in DRBG generate function.
---

diff --git a/fips/rand/fips_drbg_lib.c b/fips/rand/fips_drbg_lib.c
index 98bd10bce37..015b95a9726 100644
--- a/fips/rand/fips_drbg_lib.c
+++ b/fips/rand/fips_drbg_lib.c
@@ -377,6 +377,12 @@ int FIPS_drbg_generate(DRBG_CTX *dctx, unsigned char *out, size_t outlen,
 		return 0;
 		}
 
+	if (adinlen > dctx->max_adin)
+		{
+		r = FIPS_R_ADDITIONAL_INPUT_TOO_LONG;
+		goto end;
+		}
+
 	if (dctx->flags & DRBG_CUSTOM_RESEED)
 		dctx->generate(dctx, NULL, outlen, NULL, 0);
 	else if (dctx->reseed_counter >= dctx->reseed_interval)