wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add sanity check to PRF

Browse source 
The function tls1_PRF counts the number of digests in use and partitions
security evenly between them. There always needs to be at least one digest
in use, otherwise this is an internal error. Add a sanity check for this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Matt Caswell 2015-03-12 14:37:26 +00:00
parent 7132ac830f
commit 668f6f08c6
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
ssl/t1_enc.c
View file

@ -260,6 +260,11 @@ static int tls1_PRF(long digest_mask,
if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask)
count++;
}
if(!count) {
/* Should never happen */
SSLerr(SSL_F_TLS1_PRF, ERR_R_INTERNAL_ERROR);
goto err;
}
len = slen / count;
if (count == 1)
slen = 0;